US8020030B1 - Counter-invasive software system and method - Google Patents

Abstract

A method and apparatus for detecting, curing and remedying invasive software installation inadvertently, negligently, or intentionally marketed by a vendor. A party may procure a product that sends back invasive data to a source. A testing regimen may identify and defeat sources of any invasive executables found. Accordingly, a party may identify those software packages deemed invasive, and may optionally provide a solution to either defeat or monitor them, where practicable. An independent developer may obtain intellectual property rights in the testing, solution or both of the counter-invasive software system or product. An independent developer may become a supplier of testing or solution systems, motivating a supplier by one of several mechanisms. The developer or damaged party may obtain a legal status with respect to the vendor or of a host of software as a customer, user, clients, shareholder, etc., in order to exercise rights and remedies or provide motivation to a vendor who does not take responsibility for its actions as executed by its marketed products.

Description

RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No. 10/728,061 filed Dec. 4, 2003 now U.S. Pat. No. 7,430,689, which is a continuation of U.S. patent application Ser. No. 10/335,132 filed Dec. 31, 2002, now abandoned which is a continuation-in-part of Ser. No. 09/969,176 filed Oct. 1, 2001 now U.S. Pat. No. 7,251,752.

BACKGROUND

1. The Field of the Invention

This invention relates to computerized methods for testing and tracking and, more particularly, to novel systems and methods for testing, tracking, and correcting effects of software or hardware systems arising from faulty programming, faulty manufacture, or inappropriate and invasive programming.

2. Background

Product development cycles have become shorter and shorter. More of the responsibility for testing and “debugging” products falls to the actual beta testers or alpha testers. Nevertheless, products are continuing their development cycle well into their marketing bases.

For example, software is often released for public purchase before the known errors from beta testing have been cured. Hardware is often likewise premature, and more difficult to correct. Alternatively, beta testing may be inadequate, leaving various problems extant within either hardware, software, or a combination thereof.

Purchasers are often left with a need for identification and cure of errors in commercially available software and hardware. In some instances, product manufacturers and suppliers actively solicit comments, improvements, detection and identification of errors, and the like. In other situations, manufacturers and marketers of products are not so forthcoming.

For example, occasionally, problems are comparatively esoteric, and may occur only in a few rare conditions or instances. Nevertheless, some errors occur with sufficient regularity as to seriously encumber users unaware of the existence of such product flaws.

In recent years, computer and software manufacturers have been repeatedly surprised, even amazed, at the groundswell of opposition to products that are not adequately tested, supported, corrected, recalled, or otherwise identified as having correctable flaws.

Software, in particular, has arrived at a new threshold of pain for purchasers and users. Never since the advent of government agencies for consumer protection against fraud, product failure, product inadequacy, manufacturer non-responsiveness, and the like, have so many dollars of product value been subject to such massive amounts of owner and operator time in order to obtain the purported benefits of the products.

Some manufacturers are swift to seek out and post notification of errors existing in their products. Typically, errors are identified, with associated patches for correcting the errors. In some cases, products are recalled. With the advent of the world wide web, a host of users may provide a corresponding host of error corrections, all freely available to users interested in improving the performance or reliability of a purchased software or hardware product in the computer industry.

Historically, a manufacturer or other purveyor of a computer-related product may face a dilemma with respect to certain product flaws. To the extent that an error, built into or programmed into a computer-related product, is comparatively esoteric and unlikely to cause problems for the majority of users, a manufacturer or developer may prefer to ignore it. To the extent that such a flaw or error is ubiquitous and likely to cause pervasive and obvious problems, a manufacturer may prefer to cure the problem. Similarly, to the extent that a problem is likely to cause a comparatively small disruption of promised service, a manufacturer may choose to ignore it. Alternatively, to the extent that a problem is likely to cause serious economic damages to a commercial or industrial user of a software product or physical damage to persons or property as a direct result of the failure of a computer-based product, a manufacturer will take appropriate steps to find a correction to the problem, announce the presence of the flaw and the availability of a corrective measure, and seek to bring all copies of the product into compliance with a corrected version thereof.

Nevertheless, product improvement is largely a matter of motivation. Motivation may arise from personal interest, individual or enterprise-wide frustration, desirability of a result, previous experiences and expectations, and the like. In current process for product improvement, little incentive exists to provide for skilled third parties to improve marketed products. By the same token, manufacturers, whether large or small, may have limited motivation, resources, or the like to locate and correct errors. In fact, a certain motivation may exist to not seek out errors, nor to highlight them, nor even to repair them, in many instances.

What is needed is a mechanism, whereby software and hardware products related to computer systems may be improved profitably by third parties. Likewise, what is needed is an apparatus and method for consistently providing the necessary resources for testing, correction, notification, and product redistribution for products and upgrades related to computer-related based products, whether software or hardware.

Other difficulties with software originate from purveyors and producers of “invasive software.” Invasive software typically provides various opportunities for the developers or sellers of software to obtain information from a computer of a user. For example, “cookies” are commonly understood data structures that hold certain user identification information that may be useful to a software supplier. The proliferation of cookies has become epidemic. Many users are unaware of the number of cookies being used by software and relied upon by software vendors. Likewise, users are less aware of the frequent internet contacts made to transfer information from cookies back to central computers owned by parties other than the software users.

New licensing language in certain software actually requests of users to provide sweeping authorization for software providers to install over the internet certain software extraneous to the principal offer of purchase. The software license asks consent for the purpose of collecting whatever information the seller or manufacturer chooses. These various types of invasive software may include reporters that report information back that users may not be aware is being reported back. Moreover, such software installation done extraneously to the basic software installation may even be as aggressive as moles that execute searching functions to determine information on the user's computer in order to report that information back to the software installer, vendor, or producer.

What is needed is a system and method for preventing and defeating the installation of unwarranted, unwanted, or undesirable software executables and data structures on computers of users. Defeating cookies, reporters, and moles may be a high priority for various parties owning sensitive proprietary information.

Moreover, many professional organizations such as corporations, government bodies, government regulatory agencies, administrative agencies, educational organizations, health maintenance organizations, medical practices, insurance companies, financial institutions, law offices, and the like, maintain, as a matter of course, extremely sensitive, proprietary, and confidential information. That information is not properly disclosed to third parties.

Third-party software installations or licenses request of a software user the broad sweeping right to install cookies, reporters, or moles. Such installations may be imposed over the internet, or from installation software initially, and the confidential information of clients and customers may thus be compromised. A software user may therefore be liable for the breach of confidentiality. Meanwhile, the software originally installed, which may have given rise to the subsequent or concurrent installation of spurious invasive software, has breached and caused the software user to breach duties to clients and customers.

A system and method are needed to remedy these breaches, and to hold accountable those who perpetrate through form contracts and licenses broad, overreaching purported rights to install invasive software on the system of a user and to obtain thereby confidential information of the user or customer and clients of a user.

BRIEF SUMMARY AND OBJECTS OF THE INVENTION

In view of the foregoing, it is a primary object of the present invention to provide a method and process for improving products, and particularly computer-related products by independent third parties. In certain embodiments, apparatus and methods in accordance with the invention may include obtaining a product from a vendor and testing the product for functionality and for defects in operation. Evaluation, after finding a defect, may include testing to determine a source for defects located in the product. Thereafter, a testing regimen may be developed to instances of the product containing the defect or fault.

Consistent with the foregoing objects, and in accordance with the invention as embodied and broadly described herein, a method and apparatus are disclosed. Certain embodiments of apparatus and methods in accordance with the invention may include solutions to hardware defects, software defects, or both. In certain embodiments, a method and apparatus in accordance with the invention may provide solutions in hardware or software effective to return a defective part to service, in order to serve without having the defect, or without having the condition exist giving rise to the defect.

In certain embodiments, the faulty product may be hardware or software. In certain preferred embodiments, the solution to faulty hardware defects may be provided by software configured to override, circumvent, or otherwise avoid states or conditions of the hardware giving rise to the defect. Thus, the defective operation of the hardware may be avoided by implementation of software in accordance with the invention.

In certain embodiments, a third party may assess a defect and a number of products, or the types of products affected by the defect in manufacturing or design, in order to provide a severity profile reflecting the extent to which the product has been distributed, or to which damage may have occurred to purchasers of the product. A third party, possessing information related to the severity profile corresponding to a defect, as well as methods of testing and optionally curing defects in products, may notify a vendor and develop a liability profile reflecting the extent to which a vendor may be responsible for the defect, with knowledge, or as a result of negligence.

Since some defects may affect the health or lives of persons, liability may be extreme, and may relate primarily to numbers of failures, independent of knowledge. In certain embodiments, a method may include providing a solution to a vendor in order to correct defects in products manufactured and provided by the vendor. Solutions may be selected from modifications to the product, instructions sets provided to a vendor, to a user, or to both, instructing on the steps for curing the defect, or publishing a solution to be implemented by an owner (e.g. user) who has or may purchase the product.

In certain embodiments, solutions may be entitled to intellectual property rights. Similarly, testing processes and methods may be entitled to intellectual property rights. Accordingly, in certain circumstances, it may be appropriate that the process will include obtaining intellectual property rights. Subsequent licensing of intellectual property rights may be directed to purchasers of products or owners of products having a desire to individually license, or may involve licensing to vendors of defective products in order to correct defects in stock or previously sold instances of the product.

In certain circumstances, a third party developer of testing processes and apparatus, or solution apparatus and processes, may take steps to obtain a legal relationship with a vendor, thus imposing a duty on the vendor to the third party. In this manner, a third party provider may become a second party with respect to a vendor as a first party in a legal relationship giving rise to rights and remedies to the formerly third party developer of solutions and testing.

A developer may provide information identifying a defect to a vendor, and, if available, existence of a solution available to the vendor. Thus, a vendor may be motivated to purchase and provide a test to users, or solution. For example, if a vendor cannot solve a problem, and desires only to recall, then a testing regimen may be extremely important. Alternatively, if a solution exists, then a field repair may be executed by a user, by an agent of a vendor, or other entity in accordance with the provided solution. Thus, a vendor may be motivated to provide testing or repairs in order to maintain customer satisfaction. In the event that a vendor is unconvinced of the risk, cost, liability, and so forth of leaving users unsupported against an embedded defect, the developer may demand that a vendor, cure the defect from a position of a legal relationship established as a customer, or the like.

Other systems and methods may provide software and processes to defeat and remedy the harms of invasive software.

In one embodiment, a process may include entering into an agreement and monitoring compliance of a vendor with the agreement in curing defects in accordance with obligations under the agreement. Alternatively, a developer may provide motivation from any suitable quarter including providing motivation to acknowledge and cure defects by taking steps toward obtaining a legal judgment. For example, one may file suit, may provide information to those positioned to file suit, or may take a status placing one in a position to file suit to enforce an agreement, or to motivate a vendor or manufacturer to enter into an agreement.

In certain embodiments, apparatus and methods in accordance with the invention may be embodied in hardware. In other embodiments, solutions may be embodied in software. In certain instances, a defect embodied in the hardware may actually be solved by a solution embodied strictly in software. In this kind of instance, careful programming may be able to circumvent certain activities, by selective execution of test instructions, provision of data, or other activities that may trigger activities by a processor, thereby allowing intervention by software in the originally intended operation of hardware or software. Thus, a problem may actually be solved entirely by an outside software solution. In certain embodiments, a process in accordance with the invention may be embodied in a set of data structures providing operational data, executable data, or both configured in a computer-readable medium to be executable by a processor.

In certain instances, a vendor may acknowledge a problem, yet assert its own ability detect a defect and cure the defect. In such an instance, a developer may contract with a vendor, causing the vendor to provide an alternative solution, and warrant the validity of the solution to provide a test and warrant the validity of the test. In such an event, a developer may continue to procure and test products provided by the vendor in order to monitor compliance and assure compliance with the agreement.

In certain embodiments, software systems and enforcement methods or remedy methods may be implemented in accordance with the invention in order to defeat invasive software. For example, various methods of uninstalling, publishing warnings, and bypassing invasive software may be implemented by users provided with sophisticated detection and defense software in accordance with the invention. Various approaches to spoof, block, disable, bypass, or otherwise neutralize the effects and functioning of invasive software may be executed in accordance with the invention.

Moreover, reflexive counter measures may also be included such as trapping the invaders who have improperly installed software, overreached in licensing themselves the right to install invasive software, or who have captured through invasive software inappropriate confidential information. In certain circumstances, typically in law enforcement and government agency work where judicial authorization may be obtained, counter-attacking systems may be possible to effectively wiretap or affirmatively attack systems that are collecting or using stolen confidential information.

In addition, processes may include curing the technical defects of software, and legally or administratively remedying the harms perpetrated by such invasive software. Various remedies may include governmental action, individual actions, class actions, shareholder actions, support by skilled counter-invasive software companies, and the like in order to defeat the effects of invasive software. Actions may be direct or indirect by any particular entity intent on remedying the harms caused by invasive software.

BRIEF DESCRIPTION OF THE DRAWINGS

The foregoing and other objects and features of the present invention will become more fully apparent from the following description and appended claims, taken in conjunction with the accompanying drawings. Understanding that these drawings depict only typical embodiments of the invention and are, therefore, not to be considered limiting of its scope, the invention will be described with additional specificity and detail through use of the accompanying drawings in which:

FIG. 1 is a schematic block diagram of one embodiment of a process in accordance with the invention;

FIG. 2 is schematic block diagram of an alternative embodiment of a process in accordance with the invention;

FIG. 3 is schematic block diagram of data structures suitable for implementing an apparatus and process in accordance with the invention;

FIG. 4 is a schematic block diagram of additional data structures, particularly adapted to support evaluation in accordance with a method consistent with the invention;

FIG. 5 is a schematic block diagram illustrating processes, which may be executed as software modules, or may represent software modules, in certain embodiments of an apparatus and method in accordance with the invention;

FIG. 6 is a schematic block diagram of processes required for securing rights in testing and solution processes in accordance with the invention;

FIG. 7 is an alternative embodiment of a process in accordance with the invention for developing product design solutions and motivating the implementation thereof;

FIG. 8 is a schematic block diagram of an embodiment of a process, which may be embodied as data structures, for monitoring compliance of vendors of defective products corrected in accordance with the invention;

FIG. 9 is a schematic block diagram of one embodiment of a hardware suite suitable for implementing an apparatus and method in accordance with the invention;

FIG. 10 is a schematic block diagram of one embodiment of a process, which may be embodied as software, firmware, or hardware modules, for implementing research, engineering, administration, and other functions of a process in accordance with the invention;

FIG. 11 is a schematic block diagram of a process in accordance with one embodiment of the invention illustrating installation and operation of both visible and hidden operations;

FIG. 12 is a schematic block diagram of a process typically used or perceived to be used by software vendors;

FIG. 13 is a schematic block diagram of various types of consents that may be obtained in licensure;

FIG. 14 is a schematic block diagram of a process that combines both professional responsibilities and software operation issues;

FIG. 15 is a schematic block diagram of a counter-invasive software system in accordance with the invention;

FIG. 16 is a schematic block diagram of one embodiment of various modular portions of a counter-invasive software system in accordance with the invention;

FIG. 17 is a schematic block diagram of a system and process for defeating the objectives and attempts of invasive software to breach duties of software users to clients and others;

FIG. 18 is a schematic block diagram of various alternative embodiments for implementing counter-invasive software systems in accordance with the invention;

FIG. 19 is a schematic block diagram of one process for defeating invasive software and those who rely on it; and

FIG. 20 is a schematic block diagram of alternative embodiments of processes for implementing a counter-invasive software system and a process for defeating purveyors of invasive software.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

It will be readily understood that the components of the present invention, as generally described and illustrated in the Figures herein, could be arranged and designed in a wide variety of different configurations. Thus, the following more detailed description of the embodiments of the system and method of the present invention, as represented inFIGS. 1 through 20, is not intended to limit the scope of the invention, as claimed, but is merely representative of the presently preferred embodiments of the invention.

The presently preferred embodiments of the invention will be best understood by reference to the drawings, wherein like parts are designated by like numerals throughout. Those of ordinary skill in the art will, of course, appreciate that various modifications to the structures detailed in the Figures may easily be made without departing from the essential characteristics of the invention, as described. Thus, the following description ofFIGS. 1-10 is intended only by way of example, and simply illustrates certain presently preferred embodiments consistent with the invention as claimed herein.

Referring toFIG. 1, aprocess10 may be embodied as one or several steps. The steps may be executed multiple times, and some steps may be executed in the order illustrated, or in another order as appropriate.

Nevertheless, aprocess10 may include an evaluation process or step12, adevelopment step14, asecurement16 of intellectual property related to solutions, aproposal18 proposing solutions to an original vendor, manufacturer, provider, or developer of a product under study, and anevaluation20 of a response obtained from the responsible party originally providing the product in questions.

In general, research, testing, evaluation, and the like may be embodied in astep12 regarded as anevaluation12. Evaluation, involves evaluation on the merits of a product designed, configured, fabricated, constructed, or otherwise put forth as capable of providing some functionality or implementing some duty on behalf of an owner or user. Testing in modern hardware and software systems in sometimes extensive, and sometimes adequate. That is, testing may be extensive and yet inadequate in much of the software and hardware available in the marketplace.

In other instances, standardized testing is available, but the commensurate skills are not implemented or otherwise applied to the problem. By whatever mechanism, products may be placed in the marketplace by vendors, suppliers, manufacturers, developers, and the like obtaining money for those products, whether hardware or software. The products may or may not comply with the fundamental functionality expected by an owner or purchaser. Likewise, the promised functionality may exist, but may have failures periodically or at various times.

In other circumstances, a condition imposed by a user may create a condition not foreseen by a manufacturer, vendor, supplier, or developer, thus causing either a failure of the product to provide the intended solution or functionality, or a failure of the product in some other mode. A failure by a product in a mode not testable, or known to a user, may lead to consequential damages to the user of the computer.

For example, in certain instances, a user may have a program crash, or a program may create bad information or data from an analysis, or other process. Likewise, a product, such as a computer may be responsible to provide information, which information may be provided inaccurately, to a wrong location, or the information itself may be wrong. In financial information, failure of a computer to provide correct financial information may cause a failure of a transaction, or more significantly, an incorrect transaction, not detected by the system itself, due to some flaw therein.

A process ofdevelopment14 may involve research, development, or any of the technical processes normally associated with preparing solutions to a problem. Whereas theevaluation process12 involves identification of the existence of problems, as well as identification of the source of such problems, thedevelopment process14 involves finding and implementing methodologies for temporarily or permanently resolving or avoiding problems identified by theevaluation process12. Some of the potential outcomes of adevelopment process14 may be alternative software, testing programs, hardware patches, software applications suitable for circumventing hardware problems, and the like. In certain embodiments, adevelopment process14 may fail, requiring users to either suffer through with a flaw, or avoid using a product in certain conditions. Alternatively, where a flaw goes to the fundamental purpose of a product, a failure in thedevelopment14 of a solution may require that a test be done to determine which products must be recalled and replaced.

In certain embodiments, thedevelopment process14 may involve development of a testing regimen. For example, theevaluation process12 may identify failures of a system to perform adequately, or to perform consistently, or without adverse impact on the systems in which the product is embedded or relied upon. In such a circumstance, thedevelopment process14 may be unable to use, or the testing regimen may be impractical to use for an individual user, or for anyone in the field. Accordingly, thedevelopment process14 may develop a testing regimen or application suitable for distribution for use by service people, users, owners, and the like in order to identify products that would contain flaws found during theevaluation process12.

As a consequence of thedevelopment14, new methods, processes, applications, hardware, and the like may result. Accordingly, asecurement process16 orsecurement step16 may secure to an independent developer, independent from the original providers, manufacturers, sellers, and so forth associated with the product in question, the intellectual property rights to proprietary tests, solutions, and so forth developed during the processes ofevaluation12 anddevelopment14. Intellectual property ownership may include patents, certifications, copyrights on materials, and so forth. Thesecurement step16 may be ongoing and may involve one or more products, depending on the applicability of the testing regimen, solutions methodology, hardware, software, and so forth.

In accordance with one embodiment of a method and apparatus in accordance with the invention, aproposal step18 may involve presentation to entities responsible for sales, distribution, manufacturing, and so forth of a subject project. The presentations may provide information regarding theevaluation process12, thedevelopment process14, outputs resulting fromevaluation12 anddevelopment14, presentation of proposed solutions, presentation of data, and additional information relating to business issues.

For example, during theevaluation step12, a technical evaluation of a product, its failures, and the sources of its failures may be augmented by business or industrial data relating to the prevalence of such defective products, the prevalence of the type associated with the defective product, and so forth.

Accordingly, theproposal18 may involve providing the context of the problem, the context of the business implications of the product to those involved in the manufacturing, supply, and distribution chain, as well as the possible, probable, or likely implications of the failure of the product with respect to the businesses that rely on the product. For example, it is very likely that a failure of a significant product in some aspect of its conventional or expected performance may give rise to consequential damages against parties knowing the significance, importance, and reliance associated with the product provided.

Whether theproposal18 is provided as a report, a paper, a letter, or a discussion, anevaluation20 of the response obtained may be in order. For example, a party or entity in the distribution chain may be more or less believing. Likewise, such an entity may be more or less concerned by the degree of liability. A company may regard liability as extreme and the probability of the liability ever arising comparatively small. Likewise, a company may regard the probability of the fault being detected very high and the net liability low. Accordingly, various responses may be provided forevaluation20.

Accordingly, theevaluation20 may lead to a test21 determining whether or not a licensing interest exists on the part of a particular party in the distribution chain associated with the product. If no licensing interest exists, then amotivation step22 may be appropriate.

For example, a company may need to understand the position of competitors. Likewise, the position of purchasers may be significant. In some events, only a threat of legal action will be found persuasive. In the legal arena, action may be based on the risks to a purchaser, class action based on risk to a class of purchasers, a false claims act based on providing faulty products to government agencies, with a degree of negligence, false representations, or knowledge of defects, and the like.

Following theproposal18, parties notified of the defects, the ability to detect defects, and possibly the ability to cure defects are on notice that further providing of faulty products is thereafter done with knowledge.

Accordingly, at a minimum, future products should be corrected. Previous products, provided without knowledge of the defect, or knowledge of and ability to detect to cure the defect, may provide less liability. Accordingly, either through persuasion, additional information, combining of additional statistics, proposing solutions to other downstream entities within the supply chain, or the like may providemotivation22 encouraging a license interest satisfying the test21. Similarly, legal action may be part of themotivation22 provided to a responsible (liable) entity within the supply chain corresponding to a subject faulty product.

On the other hand, once the test21 is answered positively,execution24 of a license, or licensing24 may proceed. Licensing may involve licensing of any or all rights to intellectual property associated with testing, solutions, or the like arising out of theevaluation step12 ordevelopment step14. In some instances, thelicensing process24 may include settlement of legal actions arising out of themotivation step22. Accordingly, licensing24 may be ageneralized agreement process24 in which threatening motivations from themotivation process22 are removed, as part of the overall exchange of value between the independent developer and the entity in the supply chain having liability.

In accordance with thelicensing process24, the supplying entity may distributesolutions30. In certain embodiments, the liable parties in the supply processes may prefer that the third-party developer responsible for thedevelopment process14 provide thedistribution step30. By whatever means, the third-party developer collectsroyalties26 based upon thedistribution30 of solutions.

In this context, solutions may be merely tests, applications to conduct tests, information on how to conduct tests, software for solving a problem, hardware patches, and the like. Any combination of solutions which tends to ameliorate the problem caused by the effective product may be embodied in a solution distributed30 to users and owners of defective products previously distributed. Similarly,distribution30 may involve distributing solutions to those holding stocks of faulty products, and to those parties still in the process of manufacturing products which might otherwise be faulty without the solutions provided. Distributing30 may also involve recalling products. Accordingly,royalties26 flow to the developer as a consequence of the value provided in the solutions distributed30. In one embodiment, aprocess10 may include afunding step28 in which all or a portion of royalties collected26 are fed back into anevaluation step12 to research, test, evaluate, and otherwise assess other products, as well as possible compliance issues with respect to products embodying the solution under license.

Referring toFIG. 2, embodied in two architectures asFIG. 2A andFIG. 2B, the relationship between entities or systems may be thought of in a variety of ways. To a certain extent, sequential relationships may apply. Nevertheless, in an ongoing process, involving multiple defects, multiple products, multiple companies, or the like, more of a free-form continuing communication architecture may exist.

Referring toFIG. 2A, anevaluation entity34 may involve a private party, such as an independent third-party tester or developer. Alternatively, an evaluation entity may be a public entity. Possible organizations or entities that may serve asevaluation entities34 may include organizations such as the Underwriters Laboratory, or an organization responsible for consumer reports and similar publications. The Consumer Product Safety Commission of the United States government, or similar agencies of state governments may serve asevaluation entities34. Public interest research groups may be evaluation entities, as may any private company, or foundation, or so forth. Ultimately,evaluation entities34 may identify problems, and may participate in some aspect of anevaluation process12. Identifying a problem or defect in a product may be a part of an ongoing process and may be aimed at recall, recommendations, or any other purpose. In one embodiment of a process in accordance with the invention, theevaluation step12, regardless of its motivation, may result in knowledge becoming available regarding defects in products.

Development entities36 may or may not be associated with theevaluation entities34.Development entities36 may be manufacturers in a conventional sense who try to improve their own products in response to evaluation processes12 conducted byevaluation entities34 within the manufacturing and distribution chain, or from outside. However, thedevelopment entities36 may just as well be independent third-party developers who are more skilled, or more motivated, and free from the daily routine pressures of those in the manufacturing and supply chain associated with the product.

Accordingly, thedevelopment entities36 may develop their own methodologies for solving problems in a more elegant manner. For example, anevaluation entity34 may recommend recall of a product. By contrast thedevelopment entity36 may provide a solution that allows for correction of a problem with a product, without recall.

Or, at a minimum, thedevelopment entity36 may provide a solution which can be distributed in association with a recall, greatly reducing the cost of actual recall from acquiring service by manufacturers or suppliers to simply distributing to registered owners a solution package. By eitherentity34,36, intellectual property rights may develop from either testing regimen, solution techniques, production alteration, solution application, or the like. Thus,intellectual property rights38 may be developed and captured through appropriate registrations, applications, and the like.

In general, some mechanism, including atleast motivation40 by way of information, and possibly including one or more of the steps from theprocess10 inFIG. 1, may lead to alicensing entity50. Amotivation entity40 may often be thedevelopment entity36. Meanwhile, thedistribution system42 ordistribution entity42 may be the parties in the manufacturing and supply chain, or thedevelopment entities36, or even simply theevaluation entities34, such as any case where information alone is sufficient to be distributed.

Accordingly,licensing entities50 may involve those giving licenses, those receiving licenses, and those providing the licenses or creating the licenses and negotiating them. Similarly, thedistribution entities42 ordistribution system42 may comprise many different entities involved in having either information, testing applications, solution applications, hardware fixes, and the like distributed to users and owners of defective products.

Accounting systems andentities44 may provide for tracking of distribution in order to provide funding by way ofroyalty collection26, and the like. Similarly, monitoring48 of compliance of responsible entities with thelicensing24 and with the correction of defects accordance with solutions and testing, may be provided. Again monitoring entities or systems may involve one or more entities from the entities within the manufacturing and supply chain, to the entities within theevaluation establishment34, to thedevelopment entities36 who stand to gain by proper accounting and collection of royalties. Thus,funding systems46 may involve processes and entities from multiple locations in order to execute them completely.

Referring toFIG. 2B, theprocesses32 orentities32 may be thought of assystems32.Systems32 may involve entities, processes, information, applications, and the like configured to accomplish the task. Accordingly, thecommunications system51 may be of any type required in order to provide effective communication between anevaluation system34,development system36, an intellectualproperty rights system38, and amotivation system40.

Similarly, adistribution system42 may include various entities, computer systems, information systems, and acommunication system51 as well as internal communications with respect to thedistribution system42. Thedistribution system42 may provide distribution of information and solutions, or information and testing applications, and the like. An accounting system made up of entities and relationships, together with their processes and communication hardware and software may provide theaccounting system44. Afunding system46 may operate by any suitable method to provide effective funding of evaluation processes12, development processes14, and the like.

Monitoring system48 may involve various entities, whetherevaluation entities34, or other entities. For example, the various entities may have those having access to licensing information from thelicensing entities50, accounting information fromaccounting entities44, and may be related tofunding entities46 orsystems46 associated with the funding processes.

Referring toFIG. 3, any of the processes ofevaluation12,development14,intellectual property ownership16, licensing processes24, motivation steps22, and the like may benefit from research data. That is, technical information regarding products, technologies, business, distribution, and the like may be important or required.

In general, adevelopment system36 may include entities, information, computer programs, databases, and the like. The resulting inputs and outputs fromdevelopment entities36 ordevelopment systems36, as well as the inputs and outputs from evaluation entities orsystems34 may be provided as inputs or outputs with respect to evaluation processes12 anddevelopment14 of solutions. The result of such information, or perhaps a requirement, may be databases or a database ofresearch data52. In general,research data52 may includeproduct data53,user data54,solution data56, andentity data58.

For example,product data53 may includestandards60 governing a product in question. Similarly, advertising, contracts, and the like may give rise topromises62 that become imputed or explicit obligations upon sellers, distributors, manufacturers, and developers associated with a subject product. In general, theproduct data53 may be regarded as technical data. Nevertheless, promises62 may be thought of as legal information regarding liabilities or obligations undertaken by entities within the distribution process of the subject product.

Similarly,product data53 may include various features64. Thefeatures64 may be advertised features, required features, legally regulated features, or the like. However, thefeatures64 may typically be those features that are regarded as having commercial value giving rise to expectations and obligations.

Likewise,functionality66 may be thought of as performance requirements.Features64 may or may not relate to technical performance, whereasfunctions66 will typically relate directly to the principal reason for the existence of a product. Accordingly, the functionality associated withfunction66 to which a product is supposedly suited, may be critical.

Likewise,structures68 may involve mechanical structures, data structures whether executable code or operational data stored by, as a result of or in the process of operation of a subject project, and may be documented by manufacturers, users, and the like. Accordingly, thestructures68 corresponding to a product may be thought of as those intentionally structured elements corresponding to a product, which are responsible for providing thefunctions66, thefeatures64, or both, associated with a product.

Data concerning failure modes and effects analyses70 may be important. One of the functions of anevaluation process12 is the determination of various modes of failure, and the effects thereof. Typically, failure modes andeffects analysis70 is thought of as an engineering and functional issue. Nevertheless, in the broader context of businesses and legal liability, failure modes andeffects analysis70 may propagate information beyond the strict function of structures, and relate to the consequential damages or probable effects flowing to businesses as a result of the failure modes of a product.Additional project data72 may exist as appropriate to a product and the industry it serves.

User data54 may likewise includestandards74.Many standards74 are regulated by governments. Other standards are contracted by virtue of either contracts themselves, or by virtue of standardized practice within an industry. Thus,standards74 may exist, and can be very important with respect to the evaluation processes12. Similarly, promises76 understood by users may besignificant user data54. Likewise, promises76 may not be generic and associated strictly with the product, but may rather be associated with a particular user. As product costs increase, and sophistication of users increases, promises76 may be more narrowly associated with a user, asuser data54, than with a product, as product data.

Likewise, features78 may be unique to a user, since much of commercial software, hardware, equipment, and the like is customized with features for a particular application, meaning a particular use by a particular purchaser. Likewise,tasks80 may be associated with a user and relate a user to a product.Ergonomic considerations82 may again be related to thetasks80, but will typically be a relational data source relating a user corresponding to theuser data54, to a product, corresponding to theproduct data53. Again, failure modes andeffects analysis84 associated with users in general, and a specific user, may exist as user.

For example, failure modes andeffects analysis70 of a product may relate to failure of other additional equipment. Failure modes andeffects analysis84 may relate to the consequential damages or effects on a user. Accordingly, damages86 may actually be a measure of physical or financial damages, related to auser54, as opposed to a product orientation, as withproduct data53.

Solution data56 may includeappropriate standards88, detection methods, processes, and equipment, collectively referred to asdetection data90, and the like. That is, in general,detection data90 may be modest or extensive. However,detection data90 may be critical to the process of effectively identifying and curing defects across a general population of users of equipment found defective, or software applications found defective.

Likewise,solution data92 may include any information related to provision of a solution. Typically, thesolution data92 will be used by, and provided by adevelopment process14 associated withdevelopment entities36. Accordingly,solution data92 may be inputs or outputs to thedevelopment process14 ordevelopment entities36 seeking to solve a problem and provide a solution thereto.

Solution data56 may includeintellectual property information94, particularly relating to the existence, nature, and availability of intellectual property protection for any of the processes and apparatus associated withsolution data92, and the like.

Entity data58 may include information relating to various entities. For example, standards bodies abound and regulate much of engineering, commerce, consumer relations, and the like. Accordingly, thedata96 of standards bodies may be significant. Thestandards bodies data96 may include information on the entities, as well as information on the responsibilities. Likewise, thestandards bodies data96 may lead directly to provision of thestandards data60,74,88 associated with eitherproduct data53,user data54,solution data56, or any combination thereof.

Similarly,activities data98 associated withentities58 may relate to official activities, unofficial activities, commercial activities, regulatory activities, and the like.

Accordingly,activities data98 may relate to responsibilities, undertakings, interests, willingness to engage in support or regulation, willingness to provide useful information, willingness to implement remedies, and the like. Similarly,ownership data100 may be significant, even critical, to identification both of users and owners of defective products, as well as the responsibility chain or liability relationships of various entities in the manufacturing, distribution, and marketing processes related to defective products.

Accordingly,ownership data100 may be extremely important to an overall resolution of product defects by independent third parties operating asdevelopment entities36. Thus,responsibility information102 may actually relate to bothownership data100 and to legal theories of responsibility, liability, and the like imposed by means of regulation, statute, contract, and the like. Thus,responsibility data102 may provide linkages to various entities associated with various aspects of providing and operating products.Responsibility data102 may extend toownership data100 associated, not only with ownership of factories and plants providing products, but with factories and plants using products after notification of defects.

Similarly,relationship data101 may include legal, commercial, engineering, analytical, and other relationships by which entities may interact. Likewise,identification data103 may be standard addresses, telephone numbers, other contact information, or relationships that may be hidden. For example,identification data103 may include identification information relating to entities, relating to products, relating to batches, relating to lots, and the like, as required to link entities with products, link products with products, link products with processes, and so forth establishing thestandards bodies data96 that is appropriate, theownership data100 that applies throughout the manufacturing, distribution, and use of defective products, and theresponsibility chains102 that may exist between any entities.Other data99 deemed useful regarding various entities may also be stored as appropriate.

Referring toFIG. 4, anevaluation system34 orevaluation entity34 may include numerous subsystems. The subsystems may also be thought of as sub-entities, or sub-functions. Thus, theevaluation system34 may be thought of as describing either a system of entities and their interactions, the functionalities, the interactions, or all of the above. Thus, in general, anevaluation system34 may include design104 corresponding to and responsible for providing product design. Design104 typically provides aesthetics and ergonomics associated with making a product pleasant, useful, and the like. By contrast,engineering106 is typically responsible for providing specification and functional analysis. In anevaluation system34,design104 may be dedicated to evaluation of design features. Similarly,engineering106 made to be focused on the engineered aspects of a defective, or suspected defective product.

Similarly, manufacturing108 may be responsible forevaluation12 of manufacturing processes and materials in a product. Similarly,distribution110,marketing112, andadvertising114, may all be invested in one or more persons, entities, systems, databases, and the like in order to evaluate distribution, marketing, and advertising, respectively, corresponding to a defective product. Often, the major education or communication processes of industry relate to thedistribution110,marketing112, andadvertising114 entities within a manufacturing or distribution process. In theevaluation entity34 orevaluation system34, theentities110,112,114, are responsible for providing the data and evaluation thereof corresponding to these functionalities.

Similarly, a failure modes andeffects analysis entity116 may evaluate, by any suitable means, whether with data or actual products, to properly evaluate12 a product, or its performance in failure modes anticipated.

From a business point of view,ownership entities118,control entities120, anddecision entities122 may also be thought of as entities responsible for evaluating, or as systems responsible for providingevaluation12 ofownership118, control andagency120, anddecisions122 that did or must have occurred within the manufacturing and distribution chain associated with a product.

By the same token,communications124, financing126,profits128, andconsequences129 typically relate to business aspects of distribution and manufacturing of a product.

Accordingly, entities, systems, or processes forevaluation12 of such information may be assigned to entities or tasks regarded asdecision entities122, communications orsystems124, financing entities orsystems126, profit evaluation systems orentities128, and consequence evaluation systems orentities129.

Referring toFIG. 5, adevelopment system36 orsystem entity36 may include entities or systems, as appropriate for accomplishing various tasks, such as collection and evaluation of information, providing analyses, providing new product design specifications or modification methods, and so forth. In general, adevelopment system36 will provide the functions for a new or modified product that a manufacturer, original developer, or other associated with the product would have provided in the beginning. The same functions must be performed for a modified product or a modification to a product. Similarly, an independent solution, a product in itself, must reasonably undergo the development process to assure that it indeed meets its functional requirements and needs, as dictated by the flaws being corrected in a subject product.

Aproduct design system130 may focus on the design aspects, including graphics, pleasantness, and general functionality that may not be as technically oriented, but nevertheless provides an operational and pleasing product. Similarly,functional analysis systems132 provide the analytical support for the proof of concept and operation of an improvement process or product.Structural analysis134 may involve a mechanical analysis of a mechanical system or a software testing analysis of the integrity of data structures and their relationships within a software product (e.g. application, module, etc.). Anergonomic analysis system136 provides the information required to assure that users can interact with a product suitably. For example, the ability of a user to read, distinguish, understand, interpret, and the like various icons, statements, text, labels, buttons, and the like on a computer screen may be extremely important. Interacting with mechanical or computer systems may greatly influence their utility.

Reliability, availability, maintainability, anddurability analysis systems138 may be implemented to assure that in time, between failures, the net downtime compared to the uptime, the total amount of service that a product requires, and the lifetime of a product are suitable.

In order to provide testing, tests must be designed. Therefore, atesting design system140 may be implemented by persons, machines, programs, or the like in order to provide testing design that will prove a product improvement, product modification, or solution product as a reliable option. Similarly,functional testing systems142 will actually implement tests as designed in order to assure that the functional features or functional operation of a solution product or product improvement operate correctly.

Likewise,structural testing systems144 andergonomics testing systems146 may execute tests as designed in order to assure that the structural integrity, whether mechanically structurally or logically structurally evaluated, meet product requirements. Similarly, RAM-D testing systems148 may assure the reliability, availability, maintainability, and durability of a product in accordance with expectations of meantime between failure, net fraction of up time or operational time compared to downtime, the total cost and effort associated with maintenance, and the overall lifetime of the product are suitable.

In certain embodiments of an apparatus and method in accordance with the invention, testequipment design systems150 may be required in order to implement tests. Hardware and software must be designed in order to provide test conditions to meet testing design criteria. Likewise, testequipment manufacturer systems152 may include people, machines, processes, and the like as needed to provide test equipment effective to conduct tests. Thus, test equipment may be manufactured in accordance with test equipment designs, in order to meet the conditions required to be imposed on a product during a test as designed.

Referring toFIG. 6, intellectualproperty rights systems38 may include people, processes, equipment, information, programs, computers, and the like as necessary to secure intellectual property rights. Accordingly,mark systems154 for securing trademarks, service marks, and the like may be implemented. Copyright systems165 may be implemented and relied upon.Other systems158 may be relied upon, including contracts, secrecy (e.g. trade secret protection), confidentiality, hiring, contracting, and the like in order to protect other intellectual property by other mechanisms. Also,patent systems160 may be in place to regularly or systematically identify and harvest patentable inventions.

Various of types ofmarks154 may includetrademarks162 orsystems162 for securing trademarks. In general, the illustration ofFIG. 6 identifies certainintellectual property rights38, and also fills the need of identifying intellectualproperty rights systems38 effective for securing and enforcing thoseintellectual property rights38. Thus, marks154 andsystems154 for marks may includetrademarks162,service marks164, certification marks166,collective marks168, and the like, as provided for in law.

Similarly,copyrights156 andsystems156 configured to secure and enforce copyrights may be directed toinformation170,collections172, includingdirectories174, and lists176, and so forth177, as well as various sources of information such asinstructions178. For example,instructions178 andsystems178 for capturing instructions may include software, instructions for modifying software, machine level instructions, software code for instructing a processor and a computer, and the like.

Patents160, andsystems160 for securing patents may includeprovisional patent applications182, andutility patent applications180.Utility applications180, orutility patents180 may include patents directed tomethods184, whetherdetection methods188 orsolution methods190, related to a subject product having a flaw to be detected and solved. Similarly,utility patents180 may include apparatus, typically in hardware or software, which may includeimprovement patents192,retrofit systems194,alternative systems196, or other combinations, improvements, and the like198.Intellectual property158 may include trade secrets or other intellectual property having value, and protected by some other mechanism. Typically, protections may be available by secrecy, contract, and the like, rather than by statutory registrations.

Referring toFIG. 7, aprocess40 suitable for motivating a reluctant vendor or manufacturer of a defective product from implementing an improvement product or an improved product may be useful. In one embodiment, amotivational process40 may include adisclosure200 disclosing certain problems to a manufacturer or supplier. Thus, a provider of a defective product upon receivingdisclosure200 may be informed of information identifying or describing aproblem206. Likewise,relational information208 may be provided in thedisclosure200. That is, identifying the relationship between a product, a problem, a liability, and a provider of the product may be important.

Accordingly,relations information208 may be important as part of a complete andeffective disclosure200. Similarly, disclosure ofsolutions210 may be critical to the understanding and the assurance of a potentially liable provider, thus assuring a limitation to liability and continuation of the problem. The presence of asolution210 may be important to motivation to acknowledge a problem.

Additional information that may be provided in adisclosure200 may befinancial analysis212. For example, costs214 whether relating to products, or improvements, damages, solutions, testing, or the like may all be important in the motivation of a provider of a product. Similarly, identification ofrisk information216 andreward information218. For example, proper presentation of corrections may actually be a profitable enterprise for a responsible provider. By the same token, risks216 andrewards218 may be shared by various entities including providers of a product,evaluation entities34, anddevelopment entities36 responsible for providing either testing, solutions, or both.

Other information219 may be provided as appropriate. In particular,certain terms220 may be provided as a motivation. That is, measuringrisks216,rewards218, profits, losses, liabilities, and the like, interms220 under which a solution may be obtained (e.g. detection, correction, or both) may be a motivating factor toward acknowledgment and correction of problems.

Before, after, or concurrently with adisclosure200, anacquisition step202 may acquire shareholder status for a developer or other entity giving a particular required status in a company. Similarly, anacquisition step204 to acquire class status may be used. In fact, both acquisition processes202,204 may be used. Ashareholder status acquisition202 provides some small degree of ability to influence from inside. Meanwhile,acquisition204 of class status as a customer, or other user, or damaged party using a defective product may provide a cause of action against a company that refuses to take responsibility for faulty products.

If thedisclosure200, and ultimately the providedterms220, are accepted by a company responsible for a defective product, then atest222 proceeds forward affirmatively towardcompliance monitoring230. Otherwise, if thetest222 results in non-acceptance of thedisclosure200,terms220, subsequent licensing, or the like, then ademand224 may be lodged. Demanding224 a settlement or acceptance of a settlement offer may result in an obligation on a company to disclose and accept the risk that the knowledge imparted by thedisclosure200 puts into the company at risk. If the risk is disclosed and accepted, then atest226 moves towardcompliance monitoring230, with respect to thedisclosure200.

On the other hand, instance of an unmotivated company that does not agree with the assessment of its liability may choose to stonewall against thedisclosure200, or even threaten, resulting in asuit232. The suit may also imply an additional responsibility on a company to identify the fact that it is involved in litigation over the issue at hand. Again, if the risks have not been disclosed and accepted by the company, then additional causes of action exist in thesuit232 against the non-disclosing company.

In each case, if thetest226 results in proper acknowledgment to shareholders of the risks and existence associated with the outstanding liability,compliance monitoring230 may be appropriate. In each case, however, to the extent that a risk is not disclosed and accepted, fully informing shareholders, then asuit232 may be followed bydiscovery234 followed bytrial236, and ultimately ajudgment238.

In any event, the progress, if not adequately reported, may add to additional risk, which must be reported and disclosed, returning repeatedly to thetest226. Ajudgment238 results incompliance monitoring230 with respect to the judgment.Compliance monitoring230 may include monitoring of warranties by a company with respect to its performance in dealing with the information from thedisclosure200, or with respect to any aspect of the legal actions232-238.

Meanwhile, issues ofinfringement242 may be monitored, since alternative solutions proposed by a company, and outside those developed by anindependent development entity36 may actually fail, resulting in a temptation to use an infringing solution. Meanwhile,functionality244 of any proposed solution may actually be in question. That is, adevelopment entity36 may provide a solution, and a company responsible for the product may develop an alternative. Nevertheless, if the alternative is not fully adequate, then it is not a true alternative. Thus, functionality monitoring244 may be a part of compliance monitoring230 of the activities of a company.

If a company remains compliant, then atest246 for compliance affirmatively answered maintains stable, or ends in thetest247 andprocess40. A negative response to thetest246 for compliance may result inadditional disclosures200 relative to the risks being run by noncompliance, looping through the entire motivation process again.

All of the information discussed with respect toFIGS. 3-6, and the entities and processes associated with theFIGS. 1-7 may be relied upon as appropriate during any and each of the steps of theprocess40.

Referring toFIG. 8, one alternative of embodiment ofcompliance monitoring230 may include compliance monitoring ofwarranty provisions240. That is, a warranty by a provider of a defective product, as a result of negotiation, settlement, or the like, with respect to amotivation process40,licensing process24, or the like may be warranted240 againstdegradation250 of performance, and affirmatively in favor ofeffectiveness251 of a product.

For example,warranties240 may be made providing that no degradation of service, operational parameters, or the like will occur. Similarly, the effectiveness to do the functional job may be warranted. Thus,warranty monitoring240 may involve monitoring250 of product performance to test for degradation, as well as monitoring251 of effectiveness to be able to properly operate and perform the function for which the product is intended.

Similarly, a provider of a defective product, or a formerly defective product, may contract, covenant, or be ordered to provide242 a proposed solution. The proposed solution provided242 may be that from thedeveloper36, or may be, optionally, an alternative solution proposed by the product provider itself.

As part ofcompliance monitoring230, a proposed solution, subject to thewarranty provisions240, may be evaluated244. For example, evaluations determining whether the solution fits allcases252, or a test for allcases252 may be part of theevaluation244 functionality. Similarly,evaluation254 of limits, such as, for example, degradation of performance as one option, may be significant. Similarly,evaluation256 for non-violation of intellectual property rights may also be a part ofevaluation244 of the functionality of the proposed alternative solution optionally proffered by a supplier of a formerly defective product.

Referring toFIG. 9, anapparatus270 may implement the invention on one ormore nodes271, (client271, computer271) containing a processor272 (CPU12). All components may exist in asingle node271 or may exist inmultiple nodes271,312 remote from one another. TheCPU272 may be operably connected to amemory device274. Amemory device274 may include one or more devices such as a hard drive or othernon-volatile storage device276, a read-only memory278 (ROM) and a random access (and usually volatile) memory280 (RAM/operational memory).

Theapparatus270 may include aninput device282 for receiving inputs from a user or another device. Similarly, anoutput device284 may be provided within thenode271, or accessible within theapparatus270. A network card286 (interface card) orport288 may be provided for connecting to outside devices, such as thenetwork290

Internally, abus292 may operably interconnect theprocessor272memory devices274,input devices282,output devices284,network card286 andport288. Thebus292 may be thought of as a data carrier. As such, thebus292 may be embodied in numerous configurations. Wire, fiber optic line, wireless electromagnetic communications by visible light, infrared, and radio frequencies may likewise be implemented as appropriate for thebus292 and thenetwork290.

Input devices282 may include one or more physical embodiments. For example, akeyboard294 may be used for interaction with the user, as may amouse296 or stylus pad. Atouch screen298, atelephone299, or simply atelephone line299, may be used for communication with other devices, with a user, or the like. Similarly, ascanner300 may be used to receive graphical inputs which may or may not be translated to other character formats. Thehard drive301 orother memory device301 may be used as an input device whether resident within thenode271 or some other node312 (e.g.,312a,312b, etc.) on thenetwork290, or from anothernetwork310.

Output devices284 may likewise include one or more physical hardware units. For example, in general, theport288 may be used to accept inputs and send outputs from thenode271. Nevertheless, amonitor302 may provide outputs to a user for feedback during a process, or for assisting two-way communication between theprocessor272 and a user. Aprinter304 or ahard drive306 may be used for outputting information as output devices In general, anetwork290 to which anode271 connects may, in turn, be connected through arouter308 to anothernetwork310. In general, twonodes271,312 may be on anetwork290, adjoiningnetworks290,310, or may be separated bymultiple routers308 andmultiple networks310 asindividual nodes271,312 on an internetwork. The individual nodes312 (e.g.271,312,314) may have various communication capabilities.

In certain embodiments, a minimum of logical capability may be available in anynode312. Note that any of theindividual nodes271,312,314 may be referred to, as may all together, as anode271 or anode312. Each may contain aprocessor272 with more or less of the other components14-44.

Anetwork290 may include one or more servers314. Servers may be used to manage, store, communicate, transfer, access, update, and the like, any practical number of files, databases, or the like forother nodes312 on anetwork290. Typically, a server314 may be accessed by allnodes271,312 on anetwork290. Nevertheless, other special functions, including communications, applications, directory services, and the like, may be implemented by an individual server314 or multiple servers314.

In general, anode271 may need to communicate over anetwork290 with a server314, arouter308, ornodes312. Similarly, anode271 may need to communicate over another network (310) in an internetwork connection with someremote node312. Likewise, individual components12-46 may need to communicate data with one another. A communication link may exist, in general, between any pair of devices.

Referring toFIG. 10, amemory system320 may include one or more physical entities containing information useable by persons or a computer. In one embodiment, amemory system320 may include one or more physical memory devices associated with processors or computer-readable otherwise in order to feed information into a processor. Thus, in general, amemory system320 may store executables and operational data for use by a computer in providing analysis, and outputs having utility in accordance with the invention. In certain embodiments, amemory system320 may storeresearch information322. The research processes320 orresearch module320 may include research information, and research executables for supporting or effecting research. Similarly, anengineering module324, whether physically a single entity or whether only logically related separate entities, may provide engineering.

Amanagement module326, which may be made up of other modules, logically related, whether or not physically contiguous in any portion of thememory system320. In general, anymodule322,324,326,327 may be embodied as any number of executable instructions at any level of instruction. For example, a single, machine-level instruction, or half a million lines of source code may each serve a role as some type of a module. Similarly, data compositions may be provided as operational data for use in execution by a processor. Such a combination of data may be a module.

Aproduct module327 may embody the portions of a product improvement process or offering in order to rectify flaws in a previously marketed product. Accordingly, aproduct module327 may be made up of separate modules that may be embodied in a computer readable medium in order to be distributed, or to facilitate distribution of product testing, product repair, or other product-related information. The modules making up theproduct module327 may be fully executable or fully operable on a computer.

Alternatively, portions of theproduct module327 may be exclusively operable on a computer. In other embodiments, portions of theproduct module327 may be software elements provided for use by a technician or user in implementing methods in accordance with the invention to correct or improve a product previously sold as a faulty or defective product.

Aresearch module322 may includeresearch criteria328.Research criteria328 may include any information regarded as significant, important, required, or helpful in either making investigations or in operating experiments and tests, or even in simply inquiring of search engines. Accordingly, theresearch module322 may include processes and systems forresearch instruments330. As with other illustrations herein, thememory system320 may also be thought of as a model or illustration of systems for providing the information and elements that are identified herein.

For example,research instruments330 may include hardware, software, or both for conducting tests, controlling tests, or evaluating tests. Similarly, setting up tests, designing tests, or the like may also be included inresearch instruments330.

Nevertheless, theresearch instruments module330 may also be thought of as one representation of information, software, programming, or the like effective to operate or interact with research instrumentation. Similarly, each block within thememory system320 illustrated inFIG. 10 may be interpreted as the system for providing information, or as the software, the hardware, the code, or any of the above. Similarly, each module within thememory system320 may also be considered as the information itself.

Accordingly, theresearch module322 may includesearch engines332 for searching other data or databases based onresearch criteria328. Thus, individual orindependent research instruments330 may provide new information, while thesearch engines332 may search for previous obtained information of others. Thus, theresearch database module334 may receive information both from theresearch instruments330 and thesearch engines332, in accordance with theresearch criteria328.

Research criteria may include products, product specifications, operations, advertising information, claims, functionality, common uses, and the like.Research instruments330 may be configured to test or evaluate any fact for its veracity.Research instruments330 may also be implemented to test a product for performance in accordance with advertised, regulated, standardized, promised, or expected performance factors as identified inresearch criteria328. Anengineering module324 may includeengineering analysis tools336,engineering modeling tools338,engineering design tools340,product design tools342, and the like. In general,engineering analysis tools336 may be thought of as analytical processes, programs, data, hardware, or any combination thereof that may be effective to evaluate the performance and function of a product in question.

Engineering modeling tools338 may be used to predict performance of such a product based on measurable or other identifiable parameters. Thus,engineering modeling tools338 may be thought of as predicting performance.Engineering analysis tools336 may be thought of as determining whether or not a device performs in a particular way, determining the failure modes and effects, and the like.

Meanwhile,engineering design tools340 may be thought of as tools relied upon by adeveloper36 ordevelopment entity36 in designing a product. Accordingly, information, computer programs, hardware, and the like, may all be a part of the engineeringdesign tool module340 available in theengineering module324 as needed to prepare a solution for a defective product or an effective test system for identifying defective products.

Product design tools342 may sometimes be confused withengineering design tools340. Nevertheless, product design processes are typically considered to be those associated with the acceptability or usability of a product with respect to a user.Engineering design tools340 are usually regarded as those associated with strict functionality within some specification, which is typically independent of human users, but may relate to function, strength, electrical parameters, data parameters, and so forth.

Amanagement module326 may include anadministrative module344 corresponding to administration of theresearch module322, theengineering module324, and possibly theproduct module327. In general,administration344 is a major part of tracking all information, feeding information into an analysis programs, retrieving outputs, and so forth. Themanagement module326 may include adata reduction module346 containing analytical processes and systems effective to reduce data to information usable in making decisions.

Similarly, aresearch communications module348 may provide the functionality required in order to communicate betweenvarious modules322,324,326,327 or within those modules. For example, information must be retrieved, distributed, analyzed, returned, and so forth in order to control systems, collect information, distribute required information to users thereof, and the like.

Aproduct module327, as with all themodules322,324,326,327, may be embodied in any suitable configuration in order to accomplish the logical purpose thereof, regardless of physical location of information or executable commands at any given time. Nevertheless, aproduct module327 may include atest module354, a deliverable provided to or capable of being provided to a user or vendor of a faulty product in order to test such products to determine whether or not a subject flaw exists in the product.

Similarly, asolution module356 may be optional, and may be distributed to a vendor, user, or others associated therewith in order to provide a solution solving a discovered flaw, discovered as a result of thetest module354 or by other mechanisms. That is, for example, testing and analysis may show that a particular serial number identifies a product having a flaw as a result of being manufactured by a specific process or at a specific location.

Accordingly, atest module354 may not be required if certain faulty products may be identified readily from some other criteria. Nevertheless, asolution module356 may typically follow atest module354 identifying a product as faulty. Accordingly, asolution module356 may be embodied in computer instructions effective to correct the hardware or software flaw detected in the product.

Similarly, adelivery module358 may include any or all of those processes, information, and things required to deliver atest module354, asolution module356, or both to an appropriate destination. For example, adelivery module358 may embody any or all, or any subset of all of the required processes, steps, and things required in order to provide information and services to an entity affected by a faulty product.

Typically, adelivery module358 may be used to inform perspective recipients of the existence, value, and criteria associated with thetest module354. Similarly, thedelivery module358 may embody processes and methods for identifying the significance, requirement, and availability of thesolution module356. Thus, thedelivery module358 may be an engine operating over the Internet to download software for thetest modules354, orsolution modules356 made available with respect to a particular product.

By contrast, thedelivery module358 may be conventional mailings of diskettes to users or purchasers identified with sales of a defective product. Various mechanisms fordelivery module358 may be embodied as required to obtain effective coverage of the distribution oftest modules354,solutions modules356, or both.

Thecompliance module360 may be embodied in several configurations to operate over conventional communication systems, networks, the Internet, on individual computers, or through other information collection systems. In general, acompliance module360 may provide information calculated to determine compliance of a vendor, supplier, manufacturer, or other entity in the supply chain, responsible for defective products, in order to determine whether or not the correct licensed solution, infringing solution, or an inadequate and faulty solution is being provided.

In certain embodiments, acompliance module360 may simply be a computer program operating on a computer in a test laboratory to which selected samples of products (e.g. test modules354,solution modules356, or both354,356) may be sent in order to do a sampled analysis for compliance. Thus, amemory system320 consolidated on a single memory device, on a diskette, on a computer readable medium of any type, in a computer system, distributed throughout multiple computer systems throughout the world, or in any suitable configuration may provideresearch322,engineering324,management326, andproduct327 effective to identify and remedy faulty products provided from a product supply chain from a manufacturer to users. From the above discussion, it will be appreciated that the present invention provides a method and apparatus for development of solutions to product defects by independent developers as third parties independent from purchasers and sellers of the products. A method and apparatus for improvement of computer-related products by an independent developer may solve problems in hardware or software inadvertently, negligently, or intentionally left in products marketed by a vendor. An independent developer may procure access to a product, develop a testing regimen for functionality of the product, and perform evaluations to identify sources of any operational defects found.

Accordingly, the developer may then provide a generalized testing regimen to test instances of product provided by a vendor, identify those containing the flaw, and may optionally provide a solution to the flaw, where practicable. The independent developer may obtain intellectual property rights in the testing, solution or both for the product. Thus, by notifying a vendor, an independent developer may become a supplier of testing or solution systems, motivating a supplier by one of several mechanisms. The developer may obtain a legal status with respect to the vendor by becoming a customer or user, in order to provide motivation to a recalcitrant vendor not designed to take responsibility for defects known and continued in marketed products.

Referring toFIG. 11, aprocess402 for installation and operation of software may begin with ascanning404 of available products. Scanning404 may include a variety of procedures accumulating information as to the functionality, suitability, and other factors that may relate software to the needs of an individual, institutional, or corporate user responsible for acquiring software. In general, scanning404 the available products, various literature from advertising, technical specifications, review articles, and the like may be involved in attempting to satisfy a commercial or business need adequately.

Anevaluation406 of the compatibility of software may also be conducted. No software is bought in a vacuum, at least not often. Typically, an individual organization or user may have hardware, software, connected systems, other associated peripheral hardware and software, and the like that will not be uninstalled or obsoleted by the installation and operation of new software. Accordingly,evaluation406 of the compatibilities and incompatibilities between a proposed software package and the installed base of hardware, software, and the like is typically undertaken.

Anotherevaluation408 may address the functionality of a particular piece of software. In some respects, users may actually dispense with theevaluation408 or functionality, having relied on the information obtained in thescanning process404 orevaluation406. Nevertheless, in typical installations, users, particularly the more sophisticated users may test, examine under operating conditions, download, beta test, and the like, particular software by way of evaluating408 the functionality in practice.

Ultimately, aselection410 results in a purchase, distribution, downloading, or the like, putting a user or organization in possession of particular software to meet a perceived need. The perception of need may be relevant to an individual user, an organizational manager or administrator, a system's administration, or a consulting organization or individual. That is, theactual selection410 may be delegated or relegated to one or several individuals or organizations. Thus, theselection410 of a software package may sometimes occur without the specific awareness of an organization or responsible management entity, inasmuch as many organizations actually rely specifically on the advice of a particular management information system organization or individual, a consulting organization, or the like. Nevertheless, by some means,selection410 results in software becoming available forinstallation412 followed byoperation414.

Installation412 may includevisible operations416 and hiddenoperations418. For example, visible operations may includepresentations420 to the screen of a user. Presentations may take a variety of forms including graphics, text, and the like. Typically, one may expect apresentation422 of a contract. Thepresentation422 is often couched in terms of a license to operate software. Thepresentation422 is typically a text representation of a document that, by its terms, is binding upon users and owners of the software selected. A location, dialogue box, input button, or other interactive device may be presented on a screen of a user to extract anacceptance424 of the terms in thepresentation422 of contract or licensing provisions.

Likewise, visible operations typically include a variety ofadministration426 types of tasks required in order to effect the installation process. Many users may think of theadministration process426 as the majority or the desired and significant portion of the installation of software. Nevertheless, from a vendor's point of view, theacceptance424 may actually be the most important. Moreover, a vendor of software may actually rely on an installer or owner substantially ignoring thepresentation422, and simply executing anacceptance424 by pressing a button, hitting an enter key, hitting a return key, or the like.

Meanwhile,administration426 may involve executables that provide substantial interaction with a user installing the software, or may be largely opaque to a user or transparent, although the effect of those terms is often used interchangeably. That is, a user may actually be unaware of what is happening other than the fact that installation is progressing as a number of “continue” buttons are activated to move the installation forward. In other installation processes, a user may actually be required to input various responses to inquiries into configuration data.

Some software may provide anuninstall428 option. Other software does not include anuninstall428, and thus may clutter a computer with substantial software library elements long after the software has fallen into disuse. However,responsible software installation412 provided by a vendor may typically provide some mechanism to uninstall428 the software.

On the other hand, hiddenoperations418 are not so benign, nor are its users so aware of their presence or what they are doing. In general, variousbackground maintenance operations430 are typically undertaken by aninstallation module412 for software or aninstallation process412.

That is, thevisible operations416, andhidden operations418 duringinstallation412 may be thought of as a set of necessary software modules. On the other hand, each software module and the execution thereof may be incorporated into a step or process. Accordingly,maintenance operations430 may be embodied incertain software modules430 for conducting thestep430 of maintaining the necessary files, identifiers, pointers, data writing and reading, register filling, default setting, and the like necessary to support theinstallation412 of a software package. Meanwhile,administration432 may involve much of the administrative work that actually underlies the maintenance of records, paths, identification of locations, addressing, sequencing of logical steps and the like.

However, otherhidden operations418 may includeinstallation434 of cookies.Cookie installation434 may involve the installation of data structures, embodied as executables or simply information, that will be read out from an individual's computer to a computer associated with another interested party. For example, acookie installation434 may involve a cookie that reports back the model of the computer, the name of a user, and the particular serial number and model number of the software installed. Thereafter, any time a user accesses the internet, thesoftware434 may actually be responsible to send a cookie back to the software vendor reporting on the status of the computer, software, or the like associated with the user.

Various types of software are created, with more or less invasive behaviors. For the sake of discussion, theinstallation436 of reporters, and theinstallation438 of moles are identified here simply by way of articulating different levels of intrusiveness or invasiveness associated withsoftware installation412. For the sake of discussion here, a cookie involves a modest amount of data. Typically that amount would be provided upon user registration of software in a traditional manner such as submission of a return postcard.

Reporter installation436 is used to refer to more invasive software that provides back to a vendor of software or manufacturer of software, or the like, additional information about the operation, configuration, status, or software installations on a computer. In general,reporter installation436 involves information that is readily available on a user's computer, and associated with a user's operation of the sold software for which theinstallation412 was invoked. The relationship may be somewhat tenuous, but some modicum of connection exists.

By contrast, theinstallation438 of a mole is intended to mean the installation of executables that acquire or inquire into additional information that is either more intrusive, or unconnected to the operation of the software in question.Installation438 of a mole may be thought of as installing software capable of extracting, without the knowledge of a user, information that a user would typically not reasonably believe to be necessary for support of software. It may be information that a reasonable user would not usually want to have available to others, particularly without the affirmative knowledge of that release of information.

That is, theinstallation438 of a mole may be thought of as what a reasonable person would consider an invasion of privacy. Thereporter installation436 may involve software capable of downloading information that a typical user does not want to divulge, but which effectively does no harm, cannot be used to do harm, is not embarrassing, and may involve simple collection of information associated with the operation of the software with other parts of a user's computer.

Thus, the distinction between theinstallations434,436,438 is somewhat arbitrary, but acookie installation434 might be thought of as something that a typical user would be willing to provide, areporter436 is something that a typical user might reasonably be expected to object to, and amole installation438 may typically involve information that a user would seriously object to. Either the information from the reporter or the mole may be significant enough to give rise to a legal cause of action if obtained without truly informed consent of a user.

Likewise, theoperation414 of the software involves bothvisible operations440 and hiddenoperations442. Typical visible operations may bestandard commands444, including those commands required to interact with the software duringoperation414. Likewise, theoperation414 of software, particularly an operating system or the like, may involvelaunchings446 of other software packages, libraries, subroutines, and the like.Various administration448 is typically required in order to maintain file integrity and execute the various tracking of files, process, and other data processing during thelogical operation414 of the software package.

User presentations450 may include the processes of retrieving and presenting information, as well as any graphical or other support in order to draw a user s attention to a particular item of information.User presentations450 may include such items as informative screens, output to a screen, output to a hard copy, or the like.Presentations450 may also include providing electronic outputs to other devices that may be used by a user. For example, an output of a software application or operating system may actually have the functionality of simply feeding or supporting another software application. Thus,user presentations450 may involve presentation of information to another medium or another device or another software package.

User interaction452 typically involves various types of interactive buttons, menus, dialogue boxes, and so forth as known in the art for interaction by a user with software. Typically,presentations450 may be thought of as those systems, devices, methods, and executables reasonable for presenting information to a user, whereasuser interaction452 may be thought of as those mechanisms, systems, devices, applications, executables, and the like that provide information from a user back to a computer and allow interaction therebetween.

Other operations454 may also be included, since the listing illustrated inFIG. 11 is not exhaustive by any means. Nevertheless, theseoperations414 illustrate good examples of the types ofoperations414 that may be visible440 of which a user may be aware.

Hidden operations442 may likewise include the ratherbenign maintenance operations456,administration458, similar in responsibility to thevisible operations440, and in support thereof. Similarly, however, in theoperation414 of the software,cookie operations460,reporter operations462 andmole operations464 may occur.

That is, corresponding to theinstallations434,436,438 in which invasive executables are installed, theactual operation414 of software may include theoperation460 of cookies and the executables for transferring data, fulfilling their informational needs, and sending them back over the internet. Likewise,reporter operations462 may report back information associated with a computer or a user, andmole operations464 may obtain more invasive information from the hard drive or processor of an individual user. Otherhidden operations466 may be legitimate or invasive. Meanwhile, however, hiddenoperations442, and hiddeninstallations418 are by their very nature hidden from the typical user. Thus, an unscrupulous vendor may provide acontract presentation422 that purports to obtain permission from a user to permit obtaining the information that might be reported out bycookie operations460,reporter operations462,mole operations464, or a combination thereof.

In the medical profession, a consent exists called “informed consent”. In the computer industry, the concept of informed concept may not be so thoroughly developed. Everyone acknowledges that a lawyer or doctor obtains highly sensitive information from a client. Most people may not be so sensitive to or so aware of the sensitivity of computer information. Fewer will be aware of the many opportunities that a computer connected to the internet may have to execute invasive instructions and send invasive instructions to collect and distribute highly sensitive information about a user or a computer.

Referring toFIG. 12, preparation of acontract presentation422 may involve various steps assembled in aprocess468. For example, aselection469 of terms and language may include identification of all of the information and obligations that are to be exchanged by parties. Typically,selection469 of terms and language may be thought of as a requirement in any preparation of an agreement or contract. A license is simply one form of a contract.

Meanwhile, some vendors begin to standardize470 the format for presentation of theselection469 of terms and language. For example, the size of the presentation, the content, the choice of language or terminology, the organization, the grammar, and the like may all be standardized470 in a way that makes a license orcontract presentation422 simple or complicated. Similarly,standardization470 may render a document long or short.Standardization470 may render a document likely to be read or unlikely to be read, likely to be understood or unlikely to be understood.

An unscrupulous vendor may standardize470 a format of acontract presentation422 in such a way as to maximize the likelihood that a user will not actually read and understand the contract. Thus, a user may actually never read a licensing agreement. Similarly, terminology may be selected so that a user is unlikely to understand all of the terms and language selected469 for inclusion in thestandardization470 of the format. Moreover, grammatical twists, turns, and formulations may also contribute to confusion.

In certain circumstances, text may exceed471aparticular length, such as the length needed to either lull or bore a reader into ceasing reading. Similarly, thestandardization470 of the format of a license may lull a user into security thinking that the license reads like, sounds like, looks like, etc. several other licenses by the vendor or by other vendors. Thus, exceeding471aparticular length may likely lull or to bore a user into not finishing the document, or into skipping over key parts thereof. This effect may be accidental or intentional.

Similarly, once aparticular contract presentation422 has been installed over many years, an unobtrusive modification472 may be effected without great fanfare or notice. For example, a line, a few lines, a slight variation of terms, or the like is much less likely to be noticed then would a major departure, a highlighted section, a section of a contract moved to the beginning of the contract, or a bolded portion of text near a signature block. Accordingly, unobtrusive modification472 may be effected in a document that appears to be identical to many other documents executed over years, and read at some point in the past.

Once an unobtrusive modification has been determined, as to location, terms, format, and the like, thenimplementation474 of those terms may be effected substantially at will. Accordingly, a user who is not extremely careful in reading every word of every license and understanding it, may effectively be duped into executing a contract on terms that are not understood or intended to be agreed upon.

Referring toFIG. 13, acontract presentation422 that may be incorporated into auser presentation450 in order to extractuser interaction452 accepting terms or consenting to terms may be legitimate. On the other hand, imbedded within legitimate terms and terminology may also be various versions ofconsent476 orextraneous consents476 authorizing a software vendor or others to conductinvasive cookie operations460,reporter operations462,mole operations464, or the like466.

For example, consent477 to the use of data created by or proprietary to a user may be included in the license agreement. Similarly,other consents475 may be extracted surreptitiously by a vendor. For example, a vendor may include through an unobtrusive modification472 aconsent475 for anything that an individual can legally consent to or contract for.

Some have observed that in America one can contract away almost every right except life and liberty. Accordingly,other consents475 may include consents not to object to certain invasive software installations, or consent to the use of information for various and sundry purposes, and the like.

For example, aconsent478 to other installations of software, over the internet, onto the computer of a user may be imbedded invarious contract presentations422. Similarly,disjointed consents479 may be imbedded in an unobtrusive modification472 or in the body of a license agreement in such a way that the totality of rights that have been granted or consented to is unclear to a user.

Thus, rather than using plain language, a vendor may surreptitiously obtain aconsent478 to install software, may obtain in an unrelated location a consent477 to use of data. A series ofdisjointed consents479 that do not appear related to one another may basically obtain an agreement that a user's computer may serve to a remote location information or processing at will.

Some have opined that the only difference between crackers, hackers, and certain reputable vendors of software may be that crackers and hackers do not have acontract presentation422 in which to obtain the misunderstoodextraneous consents476 that form the basis for invasive software installation and operation.

Referring toFIG. 14, aprocess480 demonstrates coalescing of potentially fractious duties or circumstances. For example, a professional in the health care industry or the legal industry may be subject toprofessional licensure482. Similarly, accountants, such as Certified Public Accountants, engineers, and various others may be subject toprofessional licensure482.

Having been subjected toprofessional licensure482, andundertaking484 of a duty of confidentiality is often part and parcel of the requirement or burden ofprofessional licensing482. Thus, by virtue of the regulatory scheme of a state or a federal government, licensing may bring with it theundertaking484 of a duty of confidentiality with respect to client information, customer information, or the like.

Theundertaking484 is no mean obligation. In the legal industry, for example, the duty of confidentiality is one of the principal obligations of an attorney, is protected by a substantial body of law, and is enforced by various entities, not the least of which is the State Bar organization of each state.

When apotential client485 approaches a licensed professional or a regulated professional organization to provide services, that organization or service provider may conduct aninvestigation486. Theinvestigation486 may involve checking conflicts that may exist or may potentially exist. Aninvestigation486 may cover the suitability of the services provided by the professional entity for clients in general, and for apotential client485 specifically, and the like. Aninvestigation486 may involve verification of the facts and information provided by apotential client485, as well as an investigation into the remainder of the practice of the professional entity.

Ultimately, atest488 may be thought of as the decision process by which a regulated professional individual or organization determines that representation of apotential client485 or servicing of apotential client485 is appropriate. If providing services is not appropriate, then thetest488 may result in anexit489 of the service provider from the relationship or potential relationship with apotential client485.

However, if thetest488 results in an affirmative decision to represent or service thepotential client485, then anengagement490 of theclient491 by the professional practice entity converts thepotential client485 into anactual client491 having a relationship.

In confidential relationships such as those maintained between professionals and theirclients491,disclosure492 of confidential information is routinely made byclients491. Processing494 of information may be manual, mental, computerized, or the like. Necessarily,disclosure492 of confidential information results in certain of theinformation processing494 including confidential information.

Similarly, processing494 usually entailsinformation storage496 before and after processing494. That is, raw information may be stored496 prior toprocessing494. Similarly, subsequent toprocessing494, new information may be stored496 forlater retrieval497 orfurther processing494 at will, or as necessary in the future.

Incomputerized information storage496,retrieval497, and even duringprocessing494, a great deal of administrative labor must be executed by a computer, in order to manage, identify, track, locate, and so forth important information. Accordingly,information retrieval497 inherently has a purpose, which purpose may be thought of as a delivery of data to destination.

Accordingly,information retrieval497 may result indirection498 of information to, for example,additional processing494. Likewise,information retrieval497 may involvedirection498 of information to a report. In certain situations, thecomputer operating system499 may actually be the destination to whichinformation retrieval497 may be directed498. A provider of thesystem software499 may program the operating system or other system software in such a way as to control thedirection498 of information retrieved497. Accordingly, thesystem499 may actually become an agent for a third party, directinginformation retrieval497 for the ends of an independent third party, such as a software vendor. Once a vendor has determined that it will direct498 surreptitiously information retrieved497 frominformation storage496, no practical limit may exist on the information. This information may be taken from aclient491 by way of theinformation storage496 andconsequent retrieval497 in the office computer of a licensed professional serving the client

Referring toFIG. 15, acounter-invasive software system500 orsoftware suite500 may provide several modules effective to counter the invasive nature, operation, function, or the like of invasive software. For example, aninstallation detector502 may identify installation operations that may be hidden from a user.

Similarly, thedetector502 may identify programs by name that are inappropriate, new, or that have been identified by a programmer as being invasive in nature. Thedetector502 may identify a type of file or a type of installation operation that is deemed inappropriate for legitimate software, or that has a high probability associated therewith that it is part of an invasive software package.

Similarly, various lengths and locations of various types of files may indicate that they are in appropriate. Adetector502 may catch software accessing regions of memory or of an operating system that should not be accessed by such an installation. In general, theinstallation detector502 has the function of detecting to the extent known by either classification, operation, specific name, or the like, the attempted installation of invasive software or invasive software types. It may also monitor access by software installation programs to generally regarded invasive locations and the like.

Other modules that may be included incounter-invasive software systems500 may includeoperation trackers504. For example, theoperation tracker504 may track both function and content of installed software or operations of installed software. For example, inputs, outputs, operations that appear to be mining information, access times, access durations, destinations of accessed locations, URLs accessed or transferred, e-mail addresses accessed or transferred, file types accessed, file names accessed, and the like may all serve to identify types of information that anoperation tracker504 may find useful. In general, anoperation tracker504 operates to identify behaviors in patterns or operations that might indicate a probability of existence of invasive software.

Another module in asoftware suite500 may be aninstaller506 that provides fordeletion507a, patching508a, or a combination thereof in order to uninstall all or part of invasive software. For example, aninstaller506 may be able to uninstall specific modules that are invasive, while leaving operable the remainder of an operating system or other software that was installed properly. In order to do so, it may be necessary to delete certain lines of code, and patch others, such as certain pointers, to obviate the need for the deleted coding.

Selective removal, total removal, or disabling software are all options. In addition, software may be spoofed. Software systems that are invasive may also be attacked by the sending back of spurious information, or by actual attacking executables.

Certainreflexive countermeasure software510 may be available only to governments and agencies sponsored by governments. Nevertheless, at a minimum,reflexive countermeasure software510 may include symbols imbedded in images, symbols imbedded in text, various signatures or fingerprints that are sent back, cryptic codes, and the like, that may later be identified in databases of invasive software vendors.

Thus, at some future date, after tracking504 of operations to identify an invasive software vendor,reflexive countermeasure software510 will have been providing nondescript combinations of characters or codes. These codes are simply data to an invasive computer. They may be identifying signatures identifying the source and impropriety of purloined information to an investigator.

In certain circumstances,reflexive countermeasure software510 may be operated by governments or under authorization of the government to send reporters, bombs, software, and the like back to the invasive software sources. However, it may typically be expected that invasive software sources treat incoming information strictly as data. However, to the extent that URLs or other addressing information are obtained by invasive software, information may be used that is accessed only bycounter-invasive software systems500. In such an operation, thereflexive countermeasure software510 may effectively misdirect invasive software systems to obtain information that will mislead and track invasive software to contact destinations (URLs and the like, etc.) uniquely created specifically for the purpose of trapping invasive software vendors.

In other alternative embodiments,operational bypasses512 may be provided to defeat invasive software. In general, abypass512 may simply return any necessary data or coded information in order to make operations appear as if they are successful or in accordance with the planning and programming of the invasive software vendor.Operational bypasses512 may delete507bor patch508b, or both, in order to provide seamless operation while actually redirecting pointers, spoofing moles and reporters, returning necessary directional codes, and so forth.

In general,counter-invasive software suites500 may include the ability to prevent operation, prevent successful operation, uninstall, or simply disable the appropriate coding of invasive software. In general, one may think ofcounter-invasive software500 as software formulated for the purpose of protecting computer systems of users who may inadvertently load invasive software. A principal function ofcounter-invasive software systems500 may ultimately be the surgical disabling of selected lines of code identified by programmers of thesoftware suite500, in order to maintain the legitimate operating system operation or other software package operation in the purchased software. This occurs while deleting successfully the invasive effects or harms thereof. Meanwhile, thesoftware suite500 may be counter-invasive by defeating the protections that ensconce the invasive software instructions within the legitimate software purchased.

Referring toFIG. 16, acounter-invasive software system500 may includedetection modules502 of various types. For example, adetection module502 may include anaccess type module525afor determining the types of access used by invasive software and tracking the same. Similarly, a module foroperation types526amay detect various operations that appear suspicious when viewed in the context of invasive software. Similarly,activity frequencies modules527amay detect frequencies of operations or activities that tend to indicate a signature consistent with invasive software's presence. Similarly,other modules528amay be used to detect any other characteristic by which invasive software operation or installation may be detected.

Tracking modules504 may include one or more modules for tracking behavior of various executables in a software package. For example, atracking module504 may includeaccess modules525bthat are responsible for recording and creating historical records of the various accesses made by a software package. Various operations may be tracked byoperations modules526brecording and databasing the types of operations conducted. Similarly,activity modules527bmay create and maintain records of the various activities that are conducted by software, including various calls and commands to the operating system, and the like.

In general,other modules528bmay track operation of software in order to create and maintain records of any activity that may provide a characteristic signature helpful in identifying or defeating invasive software and its handlers. Thus, in general, atracking module504 may include asmany modules525,526,527,528 as required or useful to be effective in creating and maintaining records that tend to identify software and manufacturers or sellers as being of an invasive type.

At least two major modules may provide executables effective for curinginvasion520 and for remedying harms530. For example, steps or methods for curing520 an invasion by invasive software may involve uninstallingmodules506 for partially or completely uninstalling invasive software, or modules associated therewith and deemed inappropriate and invasive.

Similarly, apublishing module514 may simply publish information to other users, the public, and so forth in order to make others aware of the nature of invasive software. The very nature of surreptitious invasive software is the lack of understanding by the public. Nevertheless, advertising is a powerful medium andpublishing modules514 may or may not be effective by publishing information over the internet regarding invasive tactics and details of various invasive software.

A bypassingmodule512 may include aspoofing module516 to spoof invasive software into believing that it has been operating properly. Similarly, while vilifying data is collected, controlling software at the site of or site controlled by an invasive software vendor may need to be spoofed into believing that the invasive software is operating properly. In other embodiments, or even in the same embodiments, blockingmodules517, disablingmodules518, bypassingmodules519, or the like may be used alone or in combination in order to respectively block the function, disable the function, or simply bypass the function. This may be done by an appropriate set of commands, deletion of commands, patches, and the like. Programmers analyzing invasive software might find straightforward mechanisms for effecting a bypassingmodule512 effective to bypass the operation entirely or effective operation intended by invasive software creators.

Reflexive countermeasure modules510 may include trappingmodules522, counterattackingmodules523, andother modules524. Trapping522 may be thought of as software effective to document a pattern of invasive behavior. It may effectively collect information adequate to identify the operation of invasive software and the source thereof. Trappingmodules522 may operate to use any of thesuitable curing methods520 in order to effectively document the invasions of an invasive software product.

Similarly,other modules524 may be created for appropriate reflexive countermeasures back against the invasive software module or the source thereof. In certain embodiments, governmental agencies may have the authority to providecounterattacking modules523 that are effective either to neutralize the effects of the invasive software, or attack the sources thereof or the users thereof. In general, trappingmodules522 may be the most appropriate since they may be thought of as employing defensive measures and self-incriminating measures against software vendors and creators who have sent forth invasive software.

Remedyingharm530 may include a variety of activities sharing certain steps corresponding with the curing processes520. For example, curing520 may be one remedy. Remedying530 by curing520 the effects may not result in any retribution, accounting, or even identification of a source, distributor, creator, or the like of invasive software. Nevertheless, curing520 an invasion of invasive software at least dispenses with the problem. In other processes, remedying530 may includegovernmental action522 including criminal prosecution by governmental entities, government lawsuits, government regulatory activities, and the like.

In addition togovernmental action522,individual actions524 may include legal recourse by individuals who have been harmed by the activities associated with installation, execution, or both, of invasive software. Individual actions may be brought by individuals who believe that their information has been compromised by the operation of invasive software. Individuals and companies owning computers that are hosting invasive software may have a cause of action on their own behalf. Similarly, professionals having responsibilities to clients, which professionals have stored client information on the computers at their professional offices, may have a cause of action individually or collectively. Clients may have a cause of action against unknowing users and knowing producers of invasive software.

Aclass action526 is anotherpotential remedy530 that may be executed by either groups of individuals whose computers are hosting invasive software, or on behalf of groups of individuals and entities whose information has been compromised by the installation of invasive software on the computers of servicing professionals. That is, for example, a health maintenance organization, hospital, doctor, lawyer, CPA, engineer, architect, or the like may host information that is effectively the property of a client. Breach of the confidentiality of the computer system of such a professional may constitute breach of confidentiality obligations by the license professional as owed to clients. Accordingly, a group of clients may file aclass action526 against both the professional hosting the invasive software through a license agreement, as well as against the manufacturer, developer, distributor, or a combination thereof, responsible for providing and accessing the invasive software.

As described hereinabove, ashareholder action528 may be maintained against a party liable for breaches of confidential information. Theshareholder action528 may operate using any or all of the steps described hereinabove for shareholder actions. A third party purchasing stock may bring a shareholder derivative action or other action, and may provide notification, creating an obligation by a Board, management or the like to report to shareholders on the exposure of a company liable for breaches of confidentiality, and the

Other remedies530 may includesupport530 by an independent third party for others bringing actions against invasive software providers or professionals using invasive software. As a practical matter, many professionals hosting invasive software may be completely unaware of the nature of the operation and the nature of the breaches resulting from operation of invasive software. In fact, this may be the gist of a license agreement that purports to obtain consent for operation and installation of invasive software on a computer.

Execution of a license requires only a click on a software button on a computer screen. Licenses have become pass. Individuals do not carefully read license agreements, imbedded terms obscured in the more-or-less conventional text may purport to obtainconsents476. An individual installing software is unlikely to read and study the license agreement, and is unlikely to fully understand the implications thereof. Accordingly, it may not be practical for every individual to ascertain exactly the extent of invasive software.

Many individuals rely on the “plug-and-play” support of software and hardware designers in order to minimize the actual depth of understanding required by an installer or operator of software. Nevertheless, individuals who do have sophisticated skills and knowledge with respect to software and hardware may evaluate newly published software, testing and probing to determine whether or not invasive executables are being installed. Accordingly, a third party may provide support by testing software prior to installation, testing installations of invasive software, and alerting purchasers and users of the invasive nature of software.Support530 provided by third parties may actually provide the evidence and the ability to collect evidence on behalf of the parties actually harmed by invasive software.

Thevarious remedies530 that may be relied upon may include bothdirect action532 of a harmed party against a party perpetrating the harm. Similarly,indirect actions534 may be taken.Direct action532 andindirect action534 may regarded in different contexts. For example, the harm itself may be direct or indirect, and the action may be taken directly or indirectly against a party, and the action may be undertaken directly or indirectly with respect to the beneficiary of the action.

For example, action may be taken directly532 against a supplier of invasive software. Likewise, action may be taken directly532 against a professional whose computer system uses invasive software to the detriment of a client.

Indirect action534 may be taken against a professional in an attempt to induce the professional to file adirect action532 on its own behalf for indemnification against a supplier of invasive software. Similarly, a shareholder may file adirect action532 against a corporation for the breach of fiduciary duty by the corporation due to a failure to remedy530 the problem being created by hosting invasive software on the corporate computers. A corporation may file anindirect action534 against an installer in order to induce an installer to take action or join in a class action against a provider of invasive software provided by the installer to a location of the complaining entity.

A beneficiary may be direct or indirect with respect to a cause of action. For example, a professional may maintain an action against a provider of invasive software on the basis of adirect action532 based on harm to the professional organization. Alternatively, one may rely on anindirect action534 based on the harm that the invasive software has caused a professional organization to be responsible for in the breach of confidentiality as to the professional organization's client information.

Referring toFIG. 17,counter-invasive software500 may be operated as part of an overall system to insulate parties from harm, protect against harms, and remedy harms. For example, in one embodiment, aparty A536 may possessconfidential information540.Confidential information540 may be transferred541 to anotherparty B538 through adisclosure542 fromparty A536. As described hereinabove, thedisclosure542 of theconfidential information540 may result indata storage544 on a computer owned byparty B538. Due to the relationship betweenparty A536 andparty B538, aduty543 may exist obligatingparty B538 to maintain in confidence theconfidential information540 ofparty A536. In order to satisfy theduty543 or discharge theduty543 by whichparty B538 is obligated to party A536,party B538 may installcounter-invasive software500 or execute acounter-invasive software system500 for protecting against and remedying harms that may arise from invasive software installations.

In general, a scenario may begin with aparty C546 providing548 a software license for execution byparty B538 to install and operate the software. In return, in addition to purchasing thesoftware license548 or purchasing thetransfer548 of the software license, aparty B538 may provide aconsent550 toparty C546. Theconsent transfer550 or thetransfer550 of aconsent476 orcontract acceptance424 ultimately results in a completed installation and operation of the invasive software on a computer corresponding toparty B538.

Following installation of the invasive software on a computer corresponding toparty B538, byparty B538 or on behalf ofparty B538,party C546 may sendqueries552. Thequeries552 may originate inquery engines554 maintained and operated on behalf ofparty C546. Thequery engines554 may be imbedded in thesoftware products556. In other embodiments, asoftware product556 may be provided with thetransfer548 of the software license. Certaininvasive executables558 designed to cooperate with thequery engines554 may be installed on the computer system ofparty B538 then or thereafter.

In response to thequeries552, theinvasive executables558 now installed with thesoftware products556 on the computers ofparty B538 may send back data559 toparty C546. The return response559 or data559 returned to party C may then become part of adatabase560 orother data560 downloaded byparty C546 fromvarious parties538.

Party C546 may typically usedata processing562 of its own design in order to harvest from the downloadeddata560 information that may be of use toparty C546. The downloadeddata560 may be mined to obtain profiling information with respect toparty B538, or may be used for other less benign purposes.

One of the major dangers ofsoftware products556 embodyinginvasive executables558 is that the difference between thesoftware products556 and attacks by crackers (illegal and harmful hackers) only seems to vary in the extent of the damage, and in the existence of theconsents476 transferred550 byparty B538. Nevertheless, whether or not thetransfer550 or theextraneous consents476 were actually given knowingly byparty B538 is or may be in serious question.

In certain embodiments,counter-invasive software systems500 may be installed by aparty B538 in order to defeat thequery engines554 of party C. That is, for example, thecounter-invasive software system500 may neutralize theinvasive executables558 as described with respect toFIGS. 11-16. Nevertheless, in other embodiments, a party D563 may provide several services to party B in order to effectively counter theinvasive executables558.

For example, acounter-invasive software system500 may be installed byparty B538 in a computer independent from those ofparty B538. Communication between computers ofparty B538 and party D563 may cooperate by communicating certain information. Party D563, or computers thereof, may hostcounter-invasive software systems500. In such an embodiment, a party D may transfer564 counter-invasive software services or may actually transfercounter-invasive software systems500 toparty B538 for installation.

In certain embodiments,counter-invasive software services564 may be transferred564 or provided564 toparty B538 remotely, being serviced by acounter-invasive software system500 hosted byparty B538 remote fromparty B538. In such an embodiment, party D and thecounter-invasive software system500 may collect or receive566tracking data568 provided byparty B538 by way ofexecutables500 provided by party D563 toparty B538.

Party D may provide more sophisticated and centralized services such asprocessing570 of evidentiary data that may be deduced or obtained otherwise from the trackingdata568 received566 fromparty B538 and the computers thereof. Accordingly, theprocessing570 may result in areport572 identifying the nature and extent of data invasion by theinvasive executables558 installed byparty B538. Similarly, theevidentiary data processing570 may also provide areport572 detailing the extent to which queries552 have attempted to obtain data transfers559 but were defeated by thecounter-invasive software system500.

Party D563 may also provide additional services by modifying theinvasive executables558 through someremedy process530. Likewise, party D563 may coordinate other more global remedy processes530, such as theremedies530 illustrated inFIG. 16. That is, to some extent the remedy processes530 may include curing520 the intended harms to be perpetrated by theinvasive executables558, as well as the possibility of remedying530 the global harms toparty B538, clients ofparty B538, or both.

In certain embodiments, a support module574 may be installed in a computer ofparty B538 in order to cooperate with the computer system of party D563. The support module574 may include the entire capability of thecounter-invasive software500, or may simply be a support system574 providing interaction with a remotely locatedcounter-invasive software system500 hosted by party D563 remotely fromparty B538.

In certain embodiments, party D563 may undertake to remedy576 relationships. That is, certain processes may be required in order to remedy576 relationships betweenparty B538 and, for example, clients such asparty A536. To remedy576 relationships may require negotiations, coordination, and the like, in order to maintainparty B538 and party the same side of the table with respect to defeating, undoing, and remedying530 the harms ofparty C546 thereto.

Referring toFIG. 18, aprocess530 for remedying harm may include various embodiments. For example, in one embodiment, aprocess530 for remedying harms may include acquiring580 a suitable status. That is, for example, some causes of action are available to customers, some to competitors, some to shareholders, and so forth. For example, acustomer status580amay be acquired by purchasingsoftware products556 in the first place. Similarly, any individual may acquire580 the status of acustomer580aby suitable acts of purchasing services or goods.

Similarly, an individual or organization may acquire580 aclient status580borshareholder status580c. In general, anyother status580dthat may be useful may be acquired by an injured party in order to establish the duty owed by aparty C560 distributingsoftware products556 containinginvasive executables558.

At some point, either before or after acquiring580 an appropriate status, atest582 may be conducted as to what harms have been committed. For example, an aggrieved party may, for example, initiate588 thetest582 by taking steps required in order to install590 thesoftware products556 in question. Initiation588 may include installing588aa counter-invasive software system, in order to either cure520 the invasive actions of theinvasive executables558, or simply to maintain the cause of action by subjecting oneself to the harm thereof.

Similarly, one may submit588btraceable data to acounter-invasive software system500 that is already installed. In other embodiments, an aggrieved entity may initiate588can investigation of facts or information giving rise to a cause of action for harms previously done.Other steps588dmay also be used to initiate588 atest582 for harm. In many embodiments, initiation588 may be followed by aninstallation590 of thesoftware products556 containing theinvasive executables558.

Uponexecution592 of theproducts556, collecting594 of the data, such as trackingdata568 by acounter-invasive software system500 may provide the necessary raw information forprocessing596. Processing596 of the counter-invasive software data, such as the trackingdata568 may be thought of as an embodiment ofevidentiary data processing570. Theprocessing596 may occur within a computer owned by, controlled by, or servingparty B538, or anindependent system500 owned by, controlled by, or in service of party D563.

Through the continuing and often repeated processes of continuing the executestep592, thesoftware products556, may continue to be executed592 therewith. Accordingly, either the actual harmful activity, or detection of the attempts by theinvasive executables558 to complete harmful acts will be tracked. Collecting594, processing596, and those associated tasks required to store andprocess570 this information result in a compiling598 of data. This data provides evidence against the purveyors, such asparty C546, of thesoftware products556 regarded asinvasive software products556.

Anaggrieved party B538 may thus present584 on its own, or in conjunction with a party D563, or a party D563 may present584 on behalf of all those situated asparty B538, a demand along with evidence compiled598 againstparty C546 responsible for distributing theinvasive software products556.

Depending upon the reaction of the offendingparty C546, the harmedparties536,538,563, either alone, together, or in any particular arrangement that is appropriate, may pursue586 a remedy according to the status thereof. For example, competitors have unfair trade competition regulation protecting them from inappropriate activities by those in commercial competition therewith. Similarly, customers have certain protections as consumers or industrial customers.

Aparty A536 served by a professional entity asparty B538 may have a cause of action againstparty B538 for breach of duty. It may have another cause of action againstparty C546 resulting from installation ofinvasive software products556 and subsequent transfers559 ofconfidential information540.

Pursuing586 remedies according to the status of an aggrieved party may be conducted by any of the methods discussed hereinabove. For example, shareholders and other aggrieved parties may have various types of remedies that can be pursued586 in accordance with the apparatus and methods described inFIGS. 1-10, andFIGS. 11-17.

Referring toFIG. 19,detection602 may include identifying relationships betweenvarious parties536,538,546,563, as well as determining the flow ofsoftware products556 deemed to be invasive. It may include other gathering of information to determine the intent and effect of theinvasive software products556.

For example, optionally, analysis or even development of a solution for curing520 the harms intended byinvasive executables558 may be conducted. This may be done by aparty B538purchasing software products556, or another party D563 attempting to provide a public service or commercially available product.

Within adetection step602, a party C563 orparty B538 may investigate how a particularinvasive executable558 operates, how it can be tracked. One may identify the types of locations and types of information that are relied upon thereby. One may identify methods for security or operation ofexecutables558 and schemes be which they may be defeated, spoofed, or otherwise cured520 in order to render theinvasive executables558 inoperable or ineffective.

Afterdetection602, contacting604 various parties may be appropriate. For example, announcing the issues, announcing to the public through the Internet, newspapers, trade publications, and other mechanisms, the nature of theinvasive executables558 or the like may identify to anaggrieved party A536 or endangered andaggrieved party B538 the nature of the problem. Contacting sellers ofsoftware556, users, and the like may occur in any manner currently available through market advertising, or public service announcements.

Certain suppliers ofsoftware products556 may be very interested in knowing that thesoftware556 that they are reselling is invasive in order to limit their liability. Accordingly, contacting604 may obtain a great amount of support by various interested parties. Similarly, contacting604 may be delayed by parties who are afraid that they have liability, and accordingly choose to ignore thedetection602 ofinvasive executables558.

In order to solve the problems caused byinvasive executables558, setting up606 a counter-invasive software system may be done as explained hereinabove. For example, thesetup606 ofcounter-invasive software systems500 may involve the computers of auser538bor a remote service provider party D563, who has been subjected to theinvasive software product556.

As discussed, operating608 thecounter-invasive software system500 to obtain the benefit of its various processes of tracking, such as might be required in order to trap522 aparty C546 may provide trackingdata568.Tracking data568 may help in identifying the nature and extent of invasion byinvasive executables558. Typically, operating608 may include transfers such astransfers564 of services or software, and transfer566 of trackingdata568. Processing570 and generation of data invasion reports572 may then be effective to trap522 offendingparties546. Thus, continuing to collect, analyze and report offensive activities byinvasive executables558 may be embodied in the operating608 process of thecounter-invasive software system500. Eventually, atest610 may require evaluating610 evidence provided by the operating608 of thecounter-invasive software system500. If evidence is insufficient, then atest612 for the likelihood that aparty C546 is improperly invading or improperly providinginvasive executables558 may result in moving on to anotherparty C546 with an initiation of theprocess600 beginning at detecting602 aninvasive software product556.

On the other hand, what if thetest612 determines that the evidence is not sufficient, but nevertheless indicates that a likelihood exists that an offendingparty C546 is providinginvasive executables558? Then theprocess600 may return to either contacting604 additional aggrieved parties, continuing to operate608 thecounter-invasive software system500 to obtain more information or better information, or both. Ultimately, thetest612 will result in theevaluation610 providing sufficient evidence, or theprocess600 will move away from a particular targetedparty C546 toother parties546 that may be offending.

Atest614 may determine the status of anaggrieved party B538. In some embodiments, a party D563 may have initiated588 steps to test582 for harm, and may have acquired580 a status giving it a cause of action againstparty C546. In other embodiments of aprocess600, anaggrieved party B538, or a damagedparty A536 may already be within a particular class qualified to execute616 class steps.

Similarly, a shareholder, or a party D563 that has become a shareholder, or even a damagedparty A536 that has become a shareholder, may execute618 the shareholder's steps as described hereinabove. That is, class action steps and shareholder steps have been described in detail hereinabove and may be executed616,618, by those desiring the appropriate status in order to bring anaction620. Meanwhile, other steps may be executed to bring anaction620 under other bases. The process of bringing620 an action may involve or invoke any of the processes and procedures described hereinabove.

Meanwhile,discovery622 following bringing620 an action, may result in a variety of reactions. Atest624 may be thought of as determining624 whether an offendingparty C546 elects to be cooperative or not. If a party chooses to be cooperative, then asettlement process626 may be appropriate. If not, atrial628 may be appropriate.

In either event,entry630 of an order should be appropriate. Insettlement626, a contractual arrangement may actually be substituted as the terms of an order, followed by an order of dismissal, or may become the terms recited upon entry of anorder630. That is, in general, a court order is an appropriate document to be entered630 to close anaction620. Ifsettlement626 results in a contractual arrangement, a court will often enter630 an order adopting or memorializing the agreement as a closure of the case. In other cases, parties contract and then agree to a dismissal order.

Afterentry630 of an order, monitoring632 compliance ofparty C546 with the substance of the order, may result in compliance or non-compliance. Accordingly, atest634 may be thought of as determining whether or notparty C546 is in compliance or not. Ifparty C546 remains in compliance, then monitoring632 continues and theremedying530 continues in accordance therewith.

If, on the other hand,party C546 falls out of compliance, then theprocess600 may result in returning to theevaluation610 of the evidence extant. Again, theentire process600 may optionally be ratcheted back to its beginning withdetection602, or any intermediate step may be taken, in order to enforce compliance in accordance with theentry630 of the order.

Referring toFIG. 20, aprocess600 may include detecting602 and contacting604 as described with respect ofFIG. 19. However, inquiries605 may be conducted in order to determine on behalf of aparty A536 whether or notParty A536 has been harmed by aparty B538 being invaded by software of aparty C546. That is, in the example ofFIG. 19, aparty B538 may set up606 and operate608 acounter-invasive software system500. In the embodiment ofFIG. 20, an aggrieved party A536 may make inquiries605 to aparty B538, to determine whether or notparty B538 may possibly have compromised theconfidential information540 ofparty A536 by allowing improper access toparty C546. Again, atest536 may be thought of as a determination as to whether aparty B538 or aparty C546 has been cooperative in responding to inquiries605. In some embodiments, the inquiry605 may be conducted by a party D563 more innocuously than inquires fromparty A536. That is, an independent party D563 may be able to make determinations more easily than anaggrieved party A536.

By whatever mechanism, aparty B538 may be cooperative or not. However, an alternative mechanism exists in which a party conducting inquiries605 may not want cooperation. That is, for example, aparty A536 may actually not contact aparty B538, and may prefer to investigate potential attacks onparty B538 byparty C546, independent from, rather than in cooperation with,party B538 whosedata storage544 is being accessed byqueries552. Thusparty A536 may prefer not to cooperate withparty B538.

If cooperation is not sought or received from aparty B538 under attack, then aparty A536 or an engaged party D563 on behalf ofparty A536 may prepare538aselected information. Accordingly, the information may be submitted540awith atransfer541 as discussed above. In certain circumstances, an independent party D563, such as a government agency or the like, or perhaps even an independent party, may need to obtain542 a right to monitorcomputer traffic552,559 ofparty B538. That right may require a wiretap, consent of particular commercial parties, or the approval of other government agencies. Typically, a court order authorizing wiretapping, or the commercial approval of an entity havingcontrol party B538 may be required.

After obtaining542 the ability and right to monitor exchanges of data, a party D563 orparty A536 may set up606aa remotecounter-invasive software system500. That is, thecounter-invasive software system500 may be remote from its operator,party A536 or party D563, or thesystem500 may be remotely located at a location ofparty A536 or party D563, or at a location remote from the monitored system ofparty B538 or the system ofparty C546.

Ifparty A536 or party D563 is working on a cooperative basis with the attackedparty B538, then setting up606bacounter-invasive software system500 may be done in any suitable manner as discussed above, or otherwise. Accordingly, information may be prepared538 B in order to provide dummy examples ofconfidential information540, that may be earmarked, contain signatures, codes, and the like, in order to be tracked if taken from thedata storage544 of a party B. Accordingly, loading540bthe prepared information into thedata storage544 may then provide a mechanism for tracking any transfers559 to download adata560 byparty C546. Thus, operating608bthecounter-invasive software system500 may produce trackingdata568 return to eitherparty A536,party B538, or independent party D563 operating on behalf ofparty A536 orparty B538.

Ultimately, atest600 may evaluate or determine whether or not evidence is sufficient to support a remedy. Atest612 determines whether or not it is likely that eitherpart B538 orparty C546 is coordinating and transferring559 information by way ofinvasive executables558. If so, then atest612 may determine whether or not it is likely that eitherparty B538 orparty C546 is in fact invading thedata storage544 or breaching the duty transferred543 toparty A536. If this is likely, although currently insufficient, evidence may be augmented bypreparation538bof additional information, or contacting604 other potentially aggrieved parties.

The initial evidence may appear to be not only lacking, but to point to an unlikelihood thatparty B538 orparty C546 is indeed breaching any duty or invading any rights. Then, theprocess600 may be directed toward anotherparty C546 with initiation ofdetection602 ofsoftware products556 containinginvasive executables558.

If, on the other hand, thetest610 determines that the evidence collected is sufficient to give rise to a cause of action by an aggrieved party, such as aparty A536, then filing620 an action may be appropriate, followed bydiscovery622, as discussed above. Typically, cooperation may be determined in atest624 after which either asettlement626 ortrial628 may result in anentry630 of an order. Monitoring632 and the like as described with respect toFIG. 19 may then be in order.

The present invention may be embodied in other specific forms without departing from the essential characteristics thereof. The described embodiments are to be considered in all respects only as illustrative, and not restrictive. The scope of the invention is, therefore, indicated by the appended claims, rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.

Claims (20)

1. An apparatus for countering invasive software activity, the apparatus comprising:

a first module programmed to detect an invasive executable in a software system received from an obligor;

a second module programmed to install a counter-invasive software application (CISA) to create evidence of invasive activity conducted as a result of the invasive executable;

a third module programmed to coordinate remedial action initiated against the obligor to obtain an obligation therefrom; and

a fourth module configured to monitor obligor activity with respect to the obligation.

2. The apparatus ofclaim 1, wherein the first, second, third, and fourth modules comprise one or more processors programmed to support functioning of one or more of the first, second, third, and fourth modules.

3. The apparatus ofclaim 1, wherein the software system is at least one of an application provided by a supplier and an application hosted by a service provider.

4. The apparatus ofclaim 3, wherein the obligor is at least one of the supplier and the service provider.

5. The apparatus ofclaim 3, further comprising a fifth module programmed to generate a communication to at least one of the supplier and the service provider to obtain cooperation in defeating the invasive executable.

6. The apparatus ofclaim 5, further comprising a sixth module programmed to generate a motivator directed to at least one of the supplier and the service provider to obtain cooperation in defeating the invasive executable.

7. The apparatus ofclaim 6, wherein the motivator is directed to motivating the at least one of the supplier and service provider to develop a solution remediating the invasive activity.

8. The apparatus ofclaim 1, further comprising a fifth module programmed to generate a motivator directed to the obligor, and the obligation is creating a solution rendering ineffectual the invasive executable.

9. The apparatus ofclaim 8, wherein the third module is configured to invoke the fifth module as a remedial action against the obligor.

10. The apparatus ofclaim 1, wherein the software system is provided by a supplier and hosted by a service provider; and

wherein the second module is further programmed to install the CISA on a computer of the service provider.

11. The apparatus ofclaim 1, wherein the software system is provided by a supplier and hosted by a service provider; and

wherein the second module is further programmed to install the CISA on a computer remote from the service provider and controlled independently from control by or knowledge of the service provider, thereby monitoring the service provider for at least one of breaches of duty due from the service provider to a client thereof and breaches of duty by the service provider as a result of the invasive executable.

12. The apparatus ofclaim 1, wherein the software system is provided by a supplier and hosted by a service provider; and

wherein the third module is further programmed to provide test information to the service provider, the test information containing a characteristic identifiable to substantiate the invasive activity by the invasive executable.

13. The apparatus ofclaim 12, wherein the third module is further programmed to provide the test information without informing the service provider concerning the characteristic thereof.

14. The apparatus ofclaim 13, further comprising a fifth module programmed to:

collect evidence of the activity of the invasive software; and

evaluate the evidence to determine the adequacy thereof to support a demand for remedial action against at least one of the service provider and the supplier.

15. The apparatus ofclaim 14, wherein the fifth module is further programmed to:

continue collecting, and adding to the evidence, additional evidence;

determine the adequacy of the evidence; and

take remedial action against at least one of the supplier and the service provider.

16. The apparatus ofclaim 1, further comprising a fifth module programmed to develop solution software to mitigate at least one effect of the invasive executable.

17. The apparatus ofclaim 1, further comprising a fifth module programmed to coordinate obtaining a right to monitor activity of the invasive executable operating on a hosting computer corresponding to a service supplier hosting the software system.

18. An apparatus for countering invasive software, the apparatus comprising:

a first module programmed to procure an invasive software system (ISS) provide by a supplier and configured to invasively obtain and communicate to the supplier proprietary information from a computer of a user, the proprietary information giving rise to a duty of non-disclosure thereof;

a second module programmed to test the ISS to determine an invasive operation thereof;

a third module programmed to execute a counter-invasive software application (CISA) to do at least one of detecting, ameliorating, and defeating the invasive operation of the invasive software system.

19. The apparatus ofclaim 18, further comprising a fourth module programmed to generate a motivator for the source of the ISS to do at least one of develop a solution effective to provide protection against the invasive activity of the ISS while leaving substantially operational legitimate operations of the ISS and modifying the ISS to render it ineffective.

20. The apparatus ofclaim 18, wherein:

the ISS comprises a computer operating system;

the CISA is programmed to create tracking data to monitor attempts by the ISS to conduct invasive activity; and

the first, second, and third modules comprise one or more processors programmed to support functioning of one or more of the first, second, and third modules.

Images